Archive for the ‘computer security software’ category

Data breach investigation and deadlines

December 29th, 2016

Balabit survey recently conducted a survey of more than 100 IT companies and security professionals. It has following observations:

Seventy-five percent fix time limit for investigation of potential data security incidents

Forty-four percent said that they missed internal or external deadlines of data breach investigation or reporting

Seven percent of respondents mentioned that they faced serious consequences due to missed deadline

“The Balabit survey identified that the primary reason for not being able to investigate data breaches in time is that organizations still do not understand their own data,” Balabit product manager Peter Gyongyosi said in a statement. “It is difficult for them to extract the necessary information from unstructured data with their existing tools and they lack the contextual information that would help transform this data into valuable, actionable information.”

Survey also found out that thirty percent need not report to external authorities about the progress

Seventy percent are required to report to external authorities but only twenty-five percent has set time limit

“Data and information are two different things entirely,” Prevalent director of product management Jeff Hill said. “The former is easy to collect; extracting the latter from it is much easier said than done.”

“The results of the Balabit survey are likely to surprise few in the cyber security community,” Hill added. “Investigating breaches is tedious, requires specific expertise, is increasingly difficult as attack vectors become more sophisticated, and is usually undertaken in a highly stressful and pressure-filled environment. Current techniques often require the painstaking parsing of millions of logs and identifying subtle changes in behavior.”

“CEOs are underestimating their companies’ cyber vulnerabilities,” RedSeal chairman and CEO Ray Rothrock said in a statement. “Their confidence does not square with what we observe. Cyber attacks are up and financial losses associated with these attacks are increasing dramatically.”

 ___________________________________________________________________________________

Alertsecs cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Email data breach

December 26th, 2016

A phishing email attack on the County of Los Angeles has led to data breach. The incident has affected thousands of individuals. County officials has implemented strict security measures. According to the reports, approximately 100 County employees received credible looking email from the hacker. They provided their usernames and passwords to them.

Some of the employee accounts contained confidential client/patient information. Arrest warrant is issued by the District Attorney Office’s Cyber Investigation Response for Austin Kelvin Onaghinor of Nigeria. The person is charged with nine counts which includes unauthorized computer access and identity theft.

Forensic examination was conducted by county. It also released a statement mentioning that “756,00 individuals were potentially impacted through their contact with the following departments: Assessor, Chief Executive Office, Children and Family Services, Child Support Services, Health Services, Human Resources, Internal Services, Mental Health, Probation, Public Health, Public Library, Public Social Services, and Public Works.”

County also believes that,“there is no evidence that confidential information from any members of the public has been released because of the breach.”

Facility is offering one-year identity monitoring for affected individuals which includes credit monitoring, identity consultation, and identity restoration. During the investigation, county didn’t send notice to affected individuals as instructed by law enforcement.

As per the statement, “We encourage you to remain vigilant against incidents of identity theft and fraud, to review your account statements, and to monitor your credit reports and explanation of benefits forms for suspicious activity. Under U.S. law, you are entitled to one free credit report annually from each of the three major credit reporting bureaus.”

County also mentioned that the minors under the age of eighteen are enrolled in identity consultation and identity restoration services. It has set up call center to address concerns related to potentially affected minors.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

One billion Yahoo accounts exposed

December 21st, 2016

Yahoo recently announced that the data breach exposed data associated with more than one million user accounts. It later said that the breach involves around 500 million user accounts. Affected information includes names, email addresses, phone numbers, birthdates, hashed passwords and security questions and answers.

Data Breach Incident

As per the Yahoo statement, ”The company has not been able to identify the intrusion associated with this theft.”

Yahoo has advised users to change their passwords. Also, security questions and answers need to be changed.

“Separately, Yahoo previously disclosed that its outside forensic experts were investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password,” the company stated. “Based on the ongoing investigation, the company believes an unauthorized third party accessed the company’s proprietary code to learn how to forge cookies.”

Yahoo mentioned that there is involvement of certain state-sponsored actor.

“Considering the insufficient security measures that were previously reported to be implemented by the last investigation of 500 million stolen accounts, it’s clear that the defense strategy Yahoo used was not keeping up with the times,” Nathan Wenzler, principal security architect at AsTech Consulting said. He also added that large organization is not always secure.

“Users should always be vigilant and change their credentials on a regular basis, even when used on the websites of very well established and reputable companies,” he said.

“Organizations of all sizes should be taking note of these breaches and use this as a good opportunity to review their own security posture to ensure that outdated and weak security measures aren’t being used,” Wenzler added. “Something like the MD5 hashing that Yahoo was using to protect account information hasn’t been considered a viable security protocol in several years, and is easily cracked.”

“At this time anyone who touched Yahoo needs to do some serious housekeeping on all their systems, all of their passwords and all of their accounts to make sure there is no cross contamination.” Acalvio chief security architect Chris Roberts mentioned in the email.

____________________________________________________________________________________________

Alertsec Endpoint Encrypt is the full disk encryption service that also delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Ransomware attack

December 18th, 2016

Dr. Melissa D. Selke based in New Jersey recently announced a data breach. Facility website posted a data breach notification letter. The incident may have affected several thousand patients.

Selke found out that her system had been infected with a virus that prohibited access to patient files. The system was restored immediately. After investigation, the possibility of ransomware attack was analyzed. An unauthorized third party introduced the virus onto her system.

Melissa D. Selke, MD, has practiced privately in the area of Hillsborough and Somerset, New Jersey.  Her total experience of the practice is 15 years. She is board certified in Family Medicine.

Dr. Selke has following education qualification –

BA in behavioral biology with honors at the Johns Hopkins University in Baltimore, Maryland

MD at Baylor College of Medicine in Houston, Texas. After graduating

Residency in Family Medicine at Spartanburg Regional Medical Center in Spartanburg, South Carolina.

Affected information in this incident includes patients’ names, addresses, phone numbers, Social Security numbers, treatment and diagnosis information, driver’s license information, health insurance information, treating physician information, medical record number, and treatment date(s).

Dr. Melissa mentioned in her letter that the third-party “viewed or took patient information stored on the server.”

“We take this incident, and patient privacy, very seriously,” Selke said in a statement. “We are taking steps to help prevent another incident of this kind from happening, and continue to review our processes, policies, and procedures that address data privacy.”

As per the OCR data breach reporting tool, incident has affected approximately 4,200 individuals.

While no protection services were offered, Selke encouraged affected individuals “to remain vigilant against incidents of identity theft and fraud.” Individuals should regularly review their financial account statements, credit reports, and explanations of benefits for suspicious activity, the notification letter said.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Data breach at Quest Diagnostics

December 15th, 2016

Quest Diagnostics recently suffered data breach which may have involved the information of 34,000 patients. According to the reports,  an unauthorized third party got access of the MyQuest Care360® internet application.

Quest Diagnostics is a global company with headquarters in the U.S. It has operations in India, Ireland, and Mexico. Customers from more than 130 countries use its products and services. Facility also has collaboration with many international diagnostic laboratories, clinics and hospitals.

In United States, facility provides clinical testing services through a national network of laboratories. It is located in major metropolitan areas. In India, it provides a range of products and services to physicians, hospitals, life insurance companies and pharmaceutical/biotech companies through the state-of-the-art laboratory facility in Gurgaon.

In the data breach, Social Security numbers, credit card information, and insurance or other financial information are safe. Affected information included name, date of birth, lab results, and telephone numbers for few.

“When the intrusion was discovered, we immediately took steps to stop any further unauthorized activity,” read the letter, which was signed by Quest Executive Director of Compliance Operations & Privacy Office Carl A. Landorno. “We are taking steps to prevent similar incidents from happening in the future, and are working with a leading cybersecurity firm to assist with our investigation and to further evaluate our systems. We have also reported the incident to federal law enforcement authorities.”

Quest believes that there is no indication that the PHI has been misused in any way. It also mentioned that there is no need for potentially affected individuals to take additional steps to protect themselves from the breach.

“We sincerely apologize for this breach of your information. We have established a dedicated toll free number for you to call if you have any questions regarding this incident.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Ambucor data breach

December 13th, 2016

As per the report, a former Ambucor employee reportedly downloaded certain information without proper authorization.

“Ambucor has been working with federal law enforcement concerning this incident and has been cooperating fully in the ongoing investigation. As a result of those ongoing efforts, federal law enforcement authorities recently provided Ambucor with two thumb drives that this former employee turned over to them after his departure from Ambucor.”

Potentially affected information included patients’ first and last name, phone number, diagnosis, medications, date of birth, race, home address, testing data (i.e., type of test, test results, date of test and whether testing was monthly or not), patient identification number, medical device information (i.e., manufacturer, identification number, and model/serial numbers), Ambucor enrollment number, Ambucor enrollment date, Ambucor technician name, physician name(s), and the name and address of the practice where the patient was seen.

Ambucor believes that there is no indication that the information has been misused.  One year of complimentary identity protection services is offered by the facility. As per the OCR reporting tool, incident  affected 1,878 individuals.

Earlier Ambucor breach has affected at least two other healthcare providers which includes Wentworth-Douglass Hospital (WDH) and Greenville Health System (GHS).

As per the statement on the website, affected individuals are advised to take below steps:

Billing statement reviewing

Suspicious activity should be reported to the concerned authorities

Obtain copies of medical files and see for any inaccuracy. Contact each doctor, clinic, hospital, pharmacy, laboratory, and location where unauthorized individual may have used your information.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements.

Data breach at Vascular Surgical

December 7th, 2016

Vascular Surgical Associates based in Georgia recently suffered data breach after one of its computer servers was hacked. As per the statement, the attack occurred during the time of a software update. After an initial investigation by the facility, it found out that a compromised vendor password was used in this incident.

As per the FAQ section of Vascular Surgical, it had “hired vendors with national reputations and significant client bases to support the computer system infrastructure we use to maintain our medical records.” Furthermore, the ONC had certified the software.

“A password that was created by one of these vendors and controlled by that vendor was used to access our system inappropriately,” the FAQ read. “The perpetrators installed software on our system to prevent us from seeing the activity, but once that activity was identified by our internal IT staff, the system access was changed to prevent additional access using that password.”

As per the OCR data breach reporting tool, incident affected 36,496 individuals. As per the preliminary reports, it is likely that the hackers reside in other countries. Affected information included medical records and demographic information such as dates of birth and addresses. Social Security numbers and financial data were not present on the compromised server. Facility also mentioned that portal was not involved or affected. Patient care is carried as usual.

“Upon learning of the incident and verifying the unauthorized access through forensic evaluation, we immediately secured the server so that this type of attack could not occur again,” the statement explained. “We are confident that none of our staff had any involvement in this incident, as the compromised password that was used to access the information was only available to our vendors and their staffs.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Data breach due to stolen laptop

November 30th, 2016

Kineto Rehab PHysical Therapy, PLLC based in New York recently suffered data breach due to stolen laptop.  As per the reports, a bag containing a work laptop was stolen by the individual. Facility got hold of the footage which identifies thief. It also found out the bag later without laptop in it. Police are still working to track down the thief.

As per the statement, “We sincerely apologize for this incident and we regret any inconvenience it may cause you. Should you have questions or concerns regarding this matter, please do not hesitate to contact us.”

Affected information includes patient names, dates of birth, addresses, Social Security numbers, insurance information and clinical/physical therapy notes.

“There is no indication that your information has been accessed or used by an unauthorized individual,” read the Kineto statement, which was signed by CEO Shirley Agapito, DPT. “Please be assured that we have taken every step necessary to address the incident, and that we are committed to fully protecting all the information that has been entrusted to us.”

As per the OCR data breach reporting tool, the incident affected 665 individuals. Facility mentioned that affected Individuals will be offered a complimentary one-year membership identity protection services.

Website statement provides guidelines as below:

Fraud Alert

Place fraud alert when someone else tries to open a credit account in your name, get add on card or increase the credit limit.

Security Freeze

One can place security freeze on credit report which will stop lenders and others from accessing credit report completely.

Review Reports

Order free annual credit report and look for any discrepancies and spendings.

Credit providers and tools

Create message /email alerts on credit cards and bank accounts to notify you of any transaction or activity. Report the bank if you have not carried out that activity.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements.

OCR sent out warning emails

November 28th, 2016

OCR sent out an email stating that employees of HIPAA covered entities and their business associates should know of an alleged phishing scam which uses Department of Health and Human Services (HHS) letterhead. As per the reports, the email is using a mock HHS department letterhead and OCR Director Jocelyn Samuels’ signature. Efforts are made by the scammers to make phishing emails look like official OCR Audit communication.

“The email prompts recipients to click a link regarding possible inclusion in the HIPAA Privacy, Security, and Breach Rules Audit Program,” OCR warned. “The link directs individuals to a non-governmental website marketing a firm’s cybersecurity services.”

OCR also mentioned that the entity sending the email is not associated with the agency or with HHS.

“We take the unauthorized use of this material by this firm very seriously,” the email read. “In the event that you or your organization has a question as to whether it has received an official communication from our agency regarding a HIPAA audit, please contact us.”

Phishing Scam

Phishing scams involves emails, messages, phone calls, websites to obtain sensitive information such as usernames, passwords, and credit card details. It is done mostly posing as trustworthy entity.

Recent Wombat survey on phishing as below assessment :

Thirteen percent of respondents from healthcare industry clicked on simulated phishing emails

In Manufacturing and energy sector,  nine percent clicked on simulated phishing emails

Clearly, phishing is a focus area across the industry, but the efforts can’t stop there,” Wombat President and CEO Joe Ferrara said in a statement. “To reduce cyber risk in organizations, security education programs must teach and assess end users across many topic areas, like oversharing on social media and proper data handling. Many of these risky behaviors exacerbate the phishing problem.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Data breach due to billing service provider

November 24th, 2016

A physical therapy provider recently suffered data breach which involves personal information. The security incident may have affected 1,100 patients at Best Health Physical Therapy. secure-data

Best Health is owned by Travis Lombardi, PT, MSPT.  It provides solution and services to meet rehabilitation goals of individuals. It provides solution for orthopedic and sports medicine, neurological, arthritis, fracture and other issues.

Facility came to know that one of the computer from its billing services provider was inappropriately accessed. The person who got access to the accounts writes blogs on internet security. The individual was reportedly looking for data vulnerabilities. He said that he has no intention of misusing any of the accessed information.

Potentially affected information includes names, addresses, dates of birth, insurance information, driver’s license information and health information. Best Health said that there is no evidence that the data was misused. It also highlighted the fact that the vulnerability was not on its computer system. Billing provider’s system failed to secure its system.

“Best Health took immediate steps to investigate and determine the source and extent of any access to our patients’ information,” Best Health said. “The vulnerability was identified and closed by the billing service provider immediately. Updated access controls are now in place to secure the account. Best Health has terminated its relationship with the billing service provider.”

Best Health did not mention the number of affected individuals but as per the OCR data breach reporting tool,  total 1,100 patients’ information were affected.

“Best Health takes the privacy and protection of its patients very seriously and we sincerely apologize for any concern that this may cause. If you are a patient of Best Health and have questions or concerns regarding this matter and/or the protections available to you, please do not hesitate to call.”

____________________________________________________________________________________________

Alertsec Endpoint Encrypt helps you protect your valuable data from falling into the wrong hands by encrypting it at the source.