Archive for the ‘glitch’ category

Cyber Attacks

December 25th, 2017

Austin Manual Therapy mentioned that they suffered data breach due to unauthorized access to its system. As per the reports, limited parts of the system were accessed. There is no data which shows that the attack was also carried on the organization’s core EHR system.

“Despite conducting a comprehensive forensic analysis, we have very little evidence as to what documents or information the attacker was able to access or steal,” Austin Manual Therapy stated. “We know that the attacker was able to access one of our computers and a shared file system.”

Affected information included addresses, phone numbers, occupations, dates of birth, insurance policy information, insurance coverage and eligibility information, charge amounts, dates of service, driver’s license information, diagnosis, health screening information, referring physician information, and full or partial Social Security numbers.

As per the OCR tool, total 1,750 individuals may have been affected.

“While our investigation is substantially complete, it remains ongoing and will likely continue through the end of the year,” Austin Manual explained. “We also have implemented and are continuing to implement additional security measures designed to prevent a recurrence of this type of attack, to quickly identify unusual activity, and to further protect the privacy of your information.”

CA Facility Data Breach

California-based Stanislaus County Behavioral Health and Recovery Services (BHRS) mentioned that it suffered data breach due to a ransomware attack.

“The network has been shut down and isolated from the County-wide network while online services and communication are being provided by other means temporarily, and client care has continued,” read a Stanislaus County statement from December 15, 2017.

Stanislaus County said that it has previously mitigated ransomware attacks, but this time “the particular techniques used in this attack were able to get past the security mechanisms that are in place.”

“All BHRS computers are being held in quarantine to prevent any further infection,” the statement read. “No breech of personal information has been detected at this time.”

Stanislaus County did not mention the affected number of individuals.

BHRS has more than 400 employees and provides services “for about 14,000 adults and children, including mental health services and help with overcoming addictions.”

__________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted.

DDoS Attack

November 29th, 2017

DDoS attack attempts on organizations was 237 per month or eight attack attempts a day in third quarter of 2017.

“The growing availability of DDoS-for-hire services is causing an explosion of attacks, and puts anyone and everyone into the crosshairs,” Corero CEO Ashley Stephenson said in a statement. “These services have lowered the barriers to entry in terms of both technical competence and price, allowing anyone to systematically attack and attempt to take down a company for less than $100.”

“Alongside this trend is an attacker arms race to infect vulnerable devices, effectively thwarting other attackers from commandeering the device,” Stephenson added. “Cyber criminals try to harness more and more Internet-connected devices to build ever larger botnets. The potential scale and power of IoT botnets has the ability to create Internet chaos and dire results for target victims.”

In second quarter of 2017, the attack leveraged multiple vendors “Often lasting just a few minutes, these quick-fire attacks evade security teams and can sometimes be accompanied by malware and other data exfiltration threats,” Stephenson said.

Sapio Research conducted survey on behalf of CDNetworks. It shows that 88 percent of U.S. respondents are confident in their current DDoS mitigation capabilities. Among them 69 percent got affected by DDoS attack within the past 12 months.

“The results show that most U.S. companies are mindful of the alarming recent rise in DDoS attacks, and are increasing their investment in mitigation technology in response,” CDNetworks Americas managing director Alex Nam said in a statement. “This has understandably led to a confidence in resilience. But when comparing alongside the frequency of DDoS attacks and the likelihood of their success, this confidence tips worryingly into complacency.”

There was increase in attack on gaming services and on platforms offering new financial services such as initial coin offerings (ICOs).

“Entertainment and financial services — businesses that are critically dependent on their continuous availability to users — have always been a favorite target for DDoS attacks,” Kaspersky head of DDoS protection Kirill Ilganaev said in a statement. “For these services, the downtime caused by an attack can result not only in significant financial losses but also reputational risks that could result in an exodus of customers to competitors.”

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology. It is designed to enforce that devices are encrypted before access to a network is granted. Encrypted devices secure your data in case a device is lost or stolen.

Half of the third party softwares are outdated

June 13th, 2017

Synopsys conducted a study of 128,782 software applications which shows that almost fifty percent are old.

“Over time, vulnerabilities in third-party components are discovered and disclosed, leaving a previously secure software package open to exploits,” Synopsys Software Integrity Group general manager Andreas Kuehlmann said in a statement. “The message to the software industry should not be whether to use open source software, but whether you are vigilant about keeping it updated to prevent attacks.”

The survey also showed that some of the vulnerability dates back to 1999.

“Coming on the heels of last month’s WannaCry outbreak, the insights in the report serve as a wake-up call that not everyone is using the most secure version of the available software,” Synopsys security strategist Robert Vamosi said. “The update process does not end at the time of software release, and an ongoing pattern of software updates must be implemented throughout the product lifecycle.”

“As new CVEs are disclosed against open source software components, developers need to know whether their products are affected, and organizations need to prevent the exploit of vulnerabilities with the latest versions when they become available,” Vamosi added.

Vanson Bourne survey mentioned that companies are not up to date considering patches and new versions. Half of the user mentioned that they have to bring a team for patches or to deal with a security issue.

“We can see with the recent WannaCry outbreak — where an emergency patch was issued to stop the spread of the worm — that enterprises are still having to paper over the cracks in order to secure their systems,” Bromium CTO and co-founder Simon Crosby said in a statement. “The fact that these patches have to be issued right away can be hugely disruptive to security teams, and often very costly to businesses, but not doing so can have dire consequences.”

“WannaCry has certainly shined a spotlight on a problem that has plagued enterprises for years,” Crosby added. “It is simply impractical to expect enterprise organizations to continually upgrade — even when they have licenses, the actual deployment creates huge disruption, or in some instances would require an entire hardware refresh and result in huge upfront capital costs.”

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. 

Illegal Access of Health Records

April 23rd, 2017

Virginia Mason Memorial Hospital employees accessed data which was not included in their job responsibility. Facility found out that 21 hospital employees were involved. The incident has affected 419 emergency room patients.

Facility has immediately sent the notification letters to affected patients. Also, patient record access to the employees is revoked. Hospital conducted an investigation and third party forensic firm is hired to determine whether the data is available in the black market.

Till now there is no indication of information misuse. The hospital’s chief compliance and privacy officer Trent Belliston mentioned that investigators did not find any evidence to believe that employees had any malicious intent.

“No evidence that the information’s being used in an improper way,” said Belliston. “We believe this to be a case of snooping, or individuals who were bored.”

Belliston also mentioned that there is no evidence suggesting this was a targeted attack.

“It was a wide array of patients and information,” Belliston said.

Twenty-one employees are disciplined or terminated based on their extent of involvement. Hospital CEO Russ Myers mentioned that labor and confidentiality laws stop him from naming which employees were part in the security breach or how the employees were disciplined.

Patient medical and demographic information were viewed by the employees. Financial information was not seen.But Belliston mentioned that patient Social Security numbers may have been viewed as it was present on the patient records.

Facility is providing free credit monitoring for all potentially affected patients for two years. Also, a call centre is set up to answer queries.

“There’s the potential for this to happen in a hospital at any point in time,” said Belliston.

“Similarly to how important the safety of the patient is from a physical standpoint, likewise, the security of their information is also of great importance to us, making sure their information is safe,” he added.

____________________________________________________________________________________________

Alertsec is a one-stop provider that offers a cloud-based all-inclusive, pre-configured, ready-to-use computer security service, which also includes comprehensive 24/7 support for all users.

Verifone suffers data breach

March 17th, 2017

Payment solutions provider Verifone recently announced data breach which affected its internal network.

Verifone CIO and senior vice president Steve Horan sent an email to employees and contractors. They need to change the password within 24 hours. Also, they will be blocked from installing software on a computer till investigation completes. It came to know about the breach from Visa and MasterCard.

Verifone spokesman Andy Payment mentioned that breach didn’t affect payment services network. “We believe today that due to our immediate response, the potential for misuse of information is limited,” he said.

The attack has been traced to Russian hacking group.

As per the statement, “According to the forensic information to date, the cyber attempt was limited to controllers at approximately two dozen gas stations, and occurred over a short time-frame. We believe that no other merchants were targeted and the integrity of our networks and merchants’ payment terminals remain secure and fully operational.”

“The fact that Verifone asked employees and contractors to change their passwords and restricted their control over their desktops and laptops suggests that the attackers followed the usual path to gain access to critical systems such as payment terminals: exploit different vulnerabilities to take control over the devices and the accounts of people already inside the company,” Balabit product manager Peter Gyongyosi told eSecurity Planet by email.

“This once again underscores the importance of a multi-layer, defense-in-depth approach to security,” Gyongyosi added. “Keeping endpoint devices completely secure, especially in a large enterprise, is an impossible task and organizations must prepare for situations where an attacker would gain access to internal accounts. Fine-grained access control and detailed monitoring of activities — especially those related to critical systems — and advanced analytics such as behavior analysis can help security teams gain an edge over the attackers.”

Fortune 1000 Security Performance is declining. Verifone is a member of the Fortune 1000.

“It is possible Fortune 1000 companies exhibit a higher frequency of system compromises due to having a large attack surface,” the report states. “Fortune 1000 companies tend to have a high number of employees, which often corresponds to more networked devices and more IP addresses owned. Criminals also may have more motivation to target these prominent companies as they manage PII, PCI and intellectual property.”

___________________________________________________________________________________

Alertsec is powered by Check Point Endpoint Security products, which are positioned in the leaders quadrant in Gartner’s Magic Quadrant for Mobile Data Protection.

Internet and PHI breach

May 12th, 2016

The Children’s National Medical Center in Washington DC may have recently suffered data breach as few of its document where available on the internet. The incident may have occurred in February. According to the reports, due to Ascend Healthcare Systems mistake, a former business associate of the healthcare system, data related to 4,107 patients of Children’s National Medical Center was accessible via the Internet.

“Due to changes and upgrades to systems, a system that is secure today could become vulnerable with the next change – thus the need to repeat the vulnerability scan periodically,” says Mark Dill, former longtime CISO at the Cleveland Clinic who is now a principal consultant at tw-Security.

PHI could have been found using a search engine, like Google. Affected information includes names, dates of births, medications lists, and physicians’ notes on diagnosis and treatment. The incident occurred as the File Transfer Protocol site was misconfigured. Facility mentioned that the site was a standard network for storing and transferring files.

According to the Children’s National Medical Center, Ascend Healthcare Systems violated its contract who was required to delete all patient information as per the separation agreement.  After the incident, Ascend is advised by the Children’s Hospital Medical Center’s to delete transcription documents from its servers and secure the site.

Medical center didn’t receive any reports about inappropriate access or misuse of patient information. It has sent notification letters to affected individuals. Also, a dedicated call center was created to answer queries. Children’s National regrets any concern this incident may cause.

According to the statement:

Children’s National Health System, based in Washington, DC, has been serving the nation’s children since 1870. Children’s National is a Leapfrog Group Top Hospital, Magnet® designated, and was ranked among the top 10 pediatric hospitals by U.S. News & World Report 2015-16. Home to the Children’s Research Institute and the Sheikh Zayed Institute for Pediatric Surgical Innovation, Children’s National is one of the nation’s top NIH-funded pediatric institutions. With a community-based pediatric network, seven regional outpatient centers, an ambulatory surgery center, two emergency rooms, an acute care hospital, and collaborations throughout the region, Children’s National is recognized for its expertise and innovation in pediatric care and as an advocate for all children.

————————————————————————————————————————————————————-

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption software.

Unsecured database and data breach

April 16th, 2016

Einstein Healthcare Network announced possible data breach when one of its databases was left unsecured on its website. Einstein Healthcare Network is a Pennsylvania-based healthcare network. The incident has affected approximately 3,000 individuals.

According to the reports, Einstein Healthcare Network found that one of its website databases was available to unauthorized users. Accessible information included patient information that was entered by individuals on information form on the healthcare network’s webpage.

EHR systems was not connected to the website. Affected information included patient names, telephone numbers, reasons for submitting requests, healthcare provider names, and health information.Social Security numbers, financial information, or EHR information was not present on the database. Individuals who entered Information on the webpage’s form before feb 2016 were affected.

“It’s important to note that in the data we evaluated, hacking or IT incidents only accounted for about one in 10 data breaches,”said study lead author Dr. Vincent Liu, a research scientist with the Kaiser Permanente Division of Research in Oakland.

“While hacking has garnered a lot of recent attention, a more common reason for breaches is simple theft of unsecured paper or electronic records,” he continued. “Nonetheless, the potential for hacking to result in a large number of compromised records tends to be higher than for other sources of data breaches.”

Einstein Healthcare Network has now secured the website database and removed it from public view. Internal investigation is also ordered by Einstein Health.

A call center was created to answer questions related to this incident. Einstein Healthcare Network also mentioned that it is committed to improving security measures on its website. Healthcare believes that they have no knowledge that any patient information has been used improperly. Notification letters are sent to affected individuals.

According to the statement by Einstein, “To help prevent something like this from happening in the future, we have secured the website database and are enhancing our security measures for the website. We deeply regret any concern this may cause our patients.”

The breach was not result of hacking but due to technical error. Albert Einstein Healthcare Network is a system based in Philadelphia. Healthcare operates as Einstein Medical Center in Philadelphia, MossRehab with locations throughout Philadelphia and Montgomery Counties, Einstein Medical Center Elkins Park, and Einstein Medical Center Montgomery in East Norriton. Rehabilitation beds and skilled nursing beds as well as primary care and specialty physician practices are available in it’s facilities.

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Computer glitch and Data Breach

March 26th, 2016

Laborers’ Health & Welfare Trust Fund for Northern California discovered that a computer glitch caused certain consumer health information to be processed incorrectly. The incident affected the processing of IRS Form 1095-B which included some patient health data in California.

According to the reports, some personal health information of workers were sent to other plan
participants and beneficiaries. Affected information included beneficiary names and names of dependents, Social Security numbers, and health plan coverage information. According to a press release, the Fund Office has notified potentially affected individuals personally, and will provide free credit monitoring to them.

The Fund Office mentioned that it will be taking steps to strengthen training processes and tighten security measures.

According to the press release –
The Fund Office has notified participants and provided credit monitoring services to all those participants and beneficiaries affected.The Fund Office has also instituted stronger security measures to guard against future mishaps.

According to the Wikipedia –
A computer glitch is the failure of a system, usually containing a computing device, to complete its functions or to perform them properly.In public declarations, glitch is used to suggest a minor fault which will soon be rectified and is therefore used as a euphemism for a bug, which is a factual statement that a programming fault is to blame for a system failure.

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.