Archive for the ‘Computer security’ category

Data breach due to email hack

February 20th, 2017

Foot and ankle surgeon Jay Berenter’s office announced data breach due to an email hack. Hackers sent some patients an email that the office employees claimed not to have sent. As per the reports, the email sent to Dr. Berenter’s contacts  contained a DocuSign document waiting for their review.

As per the statement, “Dr. Berenter takes the protection of information seriously and understands how important trust is in a physician-patient relationship.”

Dr. Berenter’s office immediately sent another email informing patients not to access the DocuSign email. After the incident came to notice, Dr. Berenter’s office took steps to secure the email account. It also hired forensic IT specialists.

Investigation was carried out to determine the extent of breach. it also checked whether any of the office’s systems were affected. Facility mentioned that the incident was determined to be limited to the email account only. Potentially affected information includes patient registration forms, prescriptions, and patient names.  As per the data breach reporting tool, the incident affected 569 individuals.

Facility has also hired forensic IT specialists to investigate the incident further. It is trying to make sure that no electronic medical records were accessed. Facility is implementing new email system. Additional internal administrative steps are taken to prevent a similar hack.

Federal agencies of California Attorney General and the Federal Department of Health and Human Services are notified about the incident. Facility believes that there is no evidence to say that information is misused.

Dr. Berenter’s office has provided contact information to answer queries. One year of complimentary identity theft protection is provided to potentially affected clients. It has also encouraged to place a free 90 day fraud alert on affected accounts.

“Protecting your information is incredibly important to Dr. Berenter, as is addressing this incident with the information and assistance you may need.”

___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements.

Unauthorized access and data breach

February 17th, 2017

Verity Health System based in California recently announced that an unauthorized access may have caused data breach. The incident affected personal information of more than 9,000 individuals.

Verity Health operates six hospitals which includes Seton in Daly City, Seton Coastside in Moss Beach, O’Connor in San Jose, St. Louise in Gilroy and two in Southern California. It also runs Verity Medical Foundation and Verity Physician Network. Verify Health was known as Daughters of Charity. It was renamed after taken over by investment firm BlueMountain Capital Management.

Verity Health mentioned that the access occurred on the Verity Medical Foundation-San Jose Medical Group website.  It mentioned that the website is no longer in use. Also, immediate steps were taken to secure it and protect it from further damage.

Affected information included patient names, dates of birth, medical record numbers, addresses, email addresses, phone numbers and the last four digits of credit card numbers. Full credit card numbers and Social Security numbers were not included in the breach.

Verity mentioned that 9,000 got affected individuals in its statement. As per the OCR data breach reporting tool, incident impacted 10,164 individuals.

“Verity Health System takes the security of our patients’ information seriously, and we regret that this incident occurred,” Verity Health CEO Andrei Soran said in a statement. “We took immediate steps to investigate this incident, notify the affected individuals and appropriate authorities, and ensure enhanced protection of our information systems going forward. We are working with a leading cyber-security firm to further evaluate the integrity of our information systems.”

Facility believes that there are no reports of misuse of information. It has also established a call center to answer queries. It is also offering one free year of credit monitoring services for potentially affected patients.

___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Break In causes data breach

February 14th, 2017

Wichita, Family Medicine East, Chartered based in Kansas reported that it suffered data breach due to theft of an unencrypted desktop computer and printer from its facility. As per the reports, an individual got into the building by breaking an exterior window. Family Medicine mentioned that police have not yet caught the thief. Also, stolen items are not recovered.

Family East mentioned that “a significant number contained images of typed office notes dictated by Family Medicine East physicians during 2002 and 2003.”

Affected information included patient names, dates of birth, appointment dates, and the name or initials of the physician or PA who saw patients were in the notes. Social Security numbers and addresses are not included in the breach. Letters written to other physicians discussing a Family Medicine referral were included for few. Letters were also identified by name and information about their medical condition.

“[The notes and letters] were typed by transcriptionists engaged for that purpose in 2002 and 2003,” Family East said in its online statement. “The files remained on the computer that was stolen as a result of an employee’s oversight, and were not detected during a number of risk analyses undertaken prior to the theft, as part of efforts to secure all individually identifiable health information.”

Individuals who got treated in 2002 or 2003 are asked “to take steps to eliminate or minimize potential harm that could be caused by the theft.” Steps also include obtaining credit reports and monitoring their financial and baking accounts for activities.

Facility mentioned that it is offering complimentary credit monitoring services to potentially affected patients. It also said that all computers and systems will be encrypted.

“While Family Medicine East hopes to recover the stolen computer, this may not be possible,” the statement explained. “As part of its ongoing effort to prevent breaches of protected health information, Family Medicine East began the process of encrypting health information stored on laptop computers used by the doctors, PAs and nurses for patient care some time ago.”

_____________________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Funding for bug bounty vendor

February 9th, 2017

As per the recent news, one can make money in the rewarding business of security researchers for finding security vulnerabilities. HackerOne published that they have raised a $40M Series C round of funding. Total funding received till date for the San Francisco based company is $74 Million.

Dragoneer Investment Group led new round of funding. It will be used to help HackerOne grow its business.

“HackerOne is at the forefront of the burgeoning bug bounty movement,” Marc Stad, Founder and Managing Partner of Dragoneer Investment Group, said in a statement. “It is borderline silly for a company not to utilize a bug bounty platform given the immediate reduction in security vulnerabilities and the relatively low price point compared to other security options.”

Rice, co-founder and CTO of HackerOne in the video interview mentioned the statistics of business growth. Also, discussed the bugs found by HackerOne’s community of researchers.

Hacking the pentagon program was one of the major successes of HackerOne. The results were positive. It has 1,400 security researchers participating in the program. It also discovered 138 serious vulnerabilities which were fixed quickly. Also, the U.S. Department of Defense also got involved in the program.

HackerOne faces competition from bug bounty vendor Bugcrowd. The rival has raised $24 million in funding to date which includes $15 million Series B round.

“When I started the company in 2013, I spent most of my time explaining what a bug bounty was to people,”Bugcrowd founder and CEO Casey Ellis said. “I don’t have to do that anymore.”

“How we do things today is we prove a concept manually first, apply human intelligence to the problem set and then take the repeatable learnings and codify that,” Ellis said.

The market of buy bounty is competitive but there is demand. Rice also mentioned that more bugs have been found by third party bug bounty companies as compared to vendors.

_____________________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Health Facility suffers email hack

February 7th, 2017

Multicare Health System recently announced data breach due to an email hack. The incident potentially affected 1,200 patients. The Washington health system mentioned that it has no information at this time to believe that any patient personal health information was accessed or misused in any way.

Facility will send the notification to affected patients. Also, patients have been advised to review their Explanation of Benefits statements and to remain vigilant to signs of irregularities related to their health insurance.

MultiCare stated that an unauthorized individual gained access to an employee email account. The information in the emails likely contained personal patient information ranging from addresses to account balances. Facility added that financial information and Social Security numbers were not present on the affected email account.

After the incident the affected email account has been secured. Password has been changed. Facility initiated an investigation into the incident and has provided contact information for patients concerned about the status of their information.

About Multicare:

“MultiCare is a not-for-profit health care organization with more than 10,000 employees and a comprehensive network of services throughout Pierce, South King, Thurston and Kitsap counties.

Facilities heritage dates back to the founding of Tacoma’s first hospital in 1882. Since then, it has grown to meet the ever-changing needs of our region-always focusing on excellence, innovation and patient care.”

When  email account gets hacked one should follow below steps to minimize the damage:

Initial step is to assess the damage done by hackers.

Visit the website of your email provider and try to regain the access.

Change the password by authorised method. Check inbox and trash for any password reset emails, which were not initiated by you.

Scan your computer with anti virus software. Many emails are hacked today to install virus on your computer.

Review your personal settings.

Validate the source  of any program, game and app before downloading it.

_____________________________________________________________________________________________________

Alertsec Endpoint Encrypt is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Software glitch at TriHealth

January 31st, 2017

TriHealth recently suffered software glitch which replaced the mailing addresses of 1,126 TriHealth patients with an old address. The healthcare organization had the old address on another file. The glitch resulted in sending billing statements and other correspondence to the previous addresses of patients.

“Please be assured that TriHealth takes patient privacy very seriously. The addresses of the affected patients have been corrected in TriHealth’s computer system and the software problem has been fixed. Please accept our sincere apology for any inconvenience this may have caused.”

Facility mentioned that they can’t confirm whether the billing statements was sent to patients current addresses. It is notifying patients of the incident. Incorrect billing statements, advisory letters, and other letters were sent to affected patients between November 15, 2016 and January 12, 2017.

Affected information included patient name, financial charges, payments and adjustments, balance and amount due, and appointment reminders, among other pieces of information. Facility mentioned that no sensitive patient information, such as Social Security numbers or credit card numbers, were affected.

TriHealth mentioned that there is no evidence of information misuse. It has offered a free credit report annually. It has now resolved the software problem.

About TriHealth

“Bethesda and Good Samaritan Hospital joined together to form TriHealth in 1995, bringing together two of Cincinnati’s finest health care organizations. Through these two acute care hospitals and more than 130 sites of care, TriHealth provides a wide range of clinical, educational, preventive and social programs. TriHealth’s non-hospital services include physician practice management, fitness centers and fitness center management, occupational health centers, home health and hospice care.”

According to a study conducted most of data breaches are the result of human mistakes and system problems.

“While external attackers and their evolving methods pose a great threat to companies, the dangers associated with the insider threat can be equally destructive and insidious,” says Larry Ponemon, chairman and founder of security research think tank the Ponemon Institute.

____________________________________________________________________________________________

 Alertsec helps you comply with HIPAA, PCI and SOX requirements.

Ukraine Blackout

January 27th, 2017

According to the Ukraine’s national power company Ukrenergo, blackout in Kiev was due to cyber attack. Initial reports suggested that workstations and SCADA systems at a 330-kilowatt substation were attacked by hackers. The Company didn’t mention the source from which the attack originated.

“The analysis of the impact of symptoms on the initial data of these systems indicates a premeditated and multi-level invasion,” Ukrenergo said.

“The attackers actually attacked more but couldn’t achieve all their goals.” Said Honeywell lead cyber security researcher Marina Krotofil.

Marina said that the attackers hid in the network for six months. She added, “The team involved had quite a few people working in it, with very serious tools and an engineer who understands the power infrastructure.”

In 2015, a similar attack was attributed to Russian hackers. It affected 225,000 people in western Ukraine while damaging power distribution equipment.

“Cyber attacks that cripple critical infrastructures continue to grow at a rapid pace — the repeated attacks on power plants in Ukraine, resulting in a loss of power to hundreds of thousands, [are] just the latest example,” Dtex Systems CEO Christy Wyatt told eSecurity Planet by email.

“It is crucial for all public and private sector organizations to focus on not only mitigating these attacks, but preventing nation state actors from gaining access to their networks in the first place,” Wyatt added.

Recent Survey Tripwire of 200 IT professionals working for governments has below findings –

Ninety-eight percent believe smart cities are at risk for cyber attacks

Thirty-eight percent said smart grids have the greater cyber security risks

Twenty percent said they have smart city initiatives

Fifty-five percent says they don’t have enough cybersecurity resources

“Security isn’t usually glamorous, and it can be difficult to    sell the need for added time and cost on a project, even when it’s to ensure that services are secure,” Tripwire senior director of IT security and risk strategy Tim Erlin said in a statement. “Smart city initiatives are pushing the technological envelope for urban infrastructure management, and it’s clear from the survey results that cyber security is being left out of the conversation.”

____________________________________________________________________________________________

Alertsec Endpoint Encrypt is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Largest number of data breaches in US in 2016

January 25th, 2017

Identity Theft Resource Center (ITRC) and CyberScout, 2016 conducted survey and mentioned that US suffered an all-time high of 1,093 reported data breaches. Previous year breaches stands at 780. Thus making a 40 percent increase in the breach count.

ITRC president and CEO Eva Velasquez said he is not sure whether the increased number is due to increase in the breaches or more companies making it public.

“For the 10 years, the ITRC has been aware of the under-reporting of data breach incidents on the national level and the need for more state or federal agencies to make breach notifications more publicly available,” Velasquez said in a statement. “This year we have seen a number of states take this step by making data breach notifications public on their websites.”

According to the survey the breaches categories include –

The business sector – 494  incidents

Healthcare industry – 377 incidents

The education sector – 98 incidents

The government/military -72 incidents

Banking/credit/financial sector – 52 incidents

Other findings include –

Hacking and phishing  attacks – 55.5 percent of breaches

Employee error – 8.7 percent breaches

Fifty-two percent exposed Social Security numbers

“For businesses of all sizes, data breaches hit close to home, thanks to a significant rise in CEO spear phishing and ransomware attacks,” CyberScout CEO Matt Cullina said in a statement. “With the click of a mouse by a naive employee, companies lose control over their customer, employee and business data.”

“In an age of an unprecedented threat, business leaders need to mitigate risk by developing C-suite strategies and plans for data breach prevention, protection and resolution,” Cullina added.

“The database compromises of 2016 confirmed yet again that breaches are the third certainty in life and we are all living in a constant state of cyber insecurity,” CyberScout chairman and founder Adam Levin said in a statement. “Hackers and identity thieves continue to evolve. They are very sophisticated, extremely creative and dogged in their pursuit of what is ours.”

Separately, 10Fold recently published a list of top ten breaches of 2016.

“If 2015 was the year of the healthcare data breach — breaches impacted nearly 40 million people — then 2016 was the year of the social media breach,” Angela Griffo, vice president of 10Fold’s cyber security practice, said in a statement. “Four of the top 10 breaches were social media related and impacted more than 640 million people.”

“But the biggest surprise of the year was Yahoo revealing that the information of more than 1.5 billion people had been stolen by attackers,” Griffo added. “Regardless of an attacker’s motive, any compromised information leaves users susceptible to identity theft and fraud.”

____________________________________________________________________________________________

Alertsec is powered by Check Point Endpoint Security products, which are positioned in the leaders quadrant in Gartner’s Magic Quadrant for Mobile Data Protection. The implemented encryption has the highest security certifications – FIPS, Common Criteria and BITS.

Cybersecurity breach at Virginia hospital

January 23rd, 2017

Sentara Healthcare announced data breach when one of its third party vendors suffered a cybersecurity breach. The incident affected personal health information. Vascular and thoracic procedures occurring between 2012 and 2015 at a Sentara facility where involved in this breach. Potentially accessed information includes patients’ names, medical records, and Social Security numbers.

“We assure our patients that we are committed to the security of the personal information we maintain and are taking this matter very seriously. To help prevent something like this from happening in the future, the vendor has informed us that it is enhancing its system security. In addition, Sentara continually strengthens policies and procedures and invests in technologies which protect our information technology systems.”

Sentara started the investigation by reaching third party vendor. It also called upon law enforcement. It has started sending and mailing advisory to affected individuals.

Facility suggested that the affected patients should check for any signs of possible fraud. Also, they are advised to review account statements and get free credit reports. Organisation has provided resources to help for future security.

“If you believe you are the victim of identity theft or have reason to believe your personal information has been misused, you should immediately contact the Federal Trade Commission and/or the Attorney General’s office in your state. You can obtain information from these sources about steps an individual can take to avoid identity theft as well as information about fraud alerts and security freezes.  You should also contact your local law enforcement authorities and file a police report.  Obtain a copy of the police report in case you are asked to provide copies to creditors to correct your records.”

Sentara is one of the nation’s top integrated healthcare systems. It works on a not-for-profit system which includes imaging centers, nursing and assisted-living centers, outpatient campuses, physical therapy and rehabilitation services, home health and hospice agency, a 3,800-provider medical staff and four medical groups. It also provides medical transport ambulances and nightingale air ambulance.

____________________________________________________________________________________________

Alertsec is powered by Check Point Endpoint Security products, which are positioned in the leaders quadrant in Gartner’s Magic Quadrant for Mobile Data Protection.

HIPAA violated by VA Senator

January 19th, 2017

A Virginia State Senator act of unlawful sharing of patient information led to an investigation into alleged HIPAA breach. As per the reports, senator during her 2015 campaign used patient contact information to send political solicitations. It violated federal health privacy rules.

Senator Dunnavant sent emails and print letters to 1500 patients during the 2015 election campaign. She ran in a four-way Republican primary for the 12th District seat. US Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) mentioned that senator broke federal HIPAA law due to the use of patients’ information and her decision to disclose the same with her campaign manager.

Conservative blogger Tom White and an unnamed individual filed a complaint against Dunnavant after receiving the letter during her campaign. HHS investigators mentioned that the case is closed. They mentioned that senator Dunnavant will not face any penalties or fines as she took prompt actions to minimize the damage.

“For me, it’s really all about the fact that none of my patients were harmed,” Dunnavant said.

She also added that it is regrettable. The senator said that she ran the letter by her medical practice board and lawyers. They took no issue with it. She also mentioned the sharing of information with campaign manager was done under HIPAA’s Privacy and Security rule. Investigators denied the legitimacy of her claim.

“Dr. Dunnavant’s position that the disclosure and use of (protected health information) to and by the campaign committee was strictly related to treatment or health care operations is not supported by the evidence,” Barbara J. Holland, the mid-Atlantic regional manager for the HHS OCR, wrote in a letter dated Dec. 6. “The letter expressly encouraged patients to participate in campaign activities and invited patients to contact the campaign for additional information.”

HHS mentioned that they are willing to take additional steps if more complaints or evidence of misconduct comes forward in the future.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements.