Archive for the ‘Hackers’ category

Funding for bug bounty vendor

February 9th, 2017

As per the recent news, one can make money in the rewarding business of security researchers for finding security vulnerabilities. HackerOne published that they have raised a $40M Series C round of funding. Total funding received till date for the San Francisco based company is $74 Million.

Dragoneer Investment Group led new round of funding. It will be used to help HackerOne grow its business.

“HackerOne is at the forefront of the burgeoning bug bounty movement,” Marc Stad, Founder and Managing Partner of Dragoneer Investment Group, said in a statement. “It is borderline silly for a company not to utilize a bug bounty platform given the immediate reduction in security vulnerabilities and the relatively low price point compared to other security options.”

Rice, co-founder and CTO of HackerOne in the video interview mentioned the statistics of business growth. Also, discussed the bugs found by HackerOne’s community of researchers.

Hacking the pentagon program was one of the major successes of HackerOne. The results were positive. It has 1,400 security researchers participating in the program. It also discovered 138 serious vulnerabilities which were fixed quickly. Also, the U.S. Department of Defense also got involved in the program.

HackerOne faces competition from bug bounty vendor Bugcrowd. The rival has raised $24 million in funding to date which includes $15 million Series B round.

“When I started the company in 2013, I spent most of my time explaining what a bug bounty was to people,”Bugcrowd founder and CEO Casey Ellis said. “I don’t have to do that anymore.”

“How we do things today is we prove a concept manually first, apply human intelligence to the problem set and then take the repeatable learnings and codify that,” Ellis said.

The market of buy bounty is competitive but there is demand. Rice also mentioned that more bugs have been found by third party bug bounty companies as compared to vendors.

_____________________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Health Facility suffers email hack

February 7th, 2017

Multicare Health System recently announced data breach due to an email hack. The incident potentially affected 1,200 patients. The Washington health system mentioned that it has no information at this time to believe that any patient personal health information was accessed or misused in any way.

Facility will send the notification to affected patients. Also, patients have been advised to review their Explanation of Benefits statements and to remain vigilant to signs of irregularities related to their health insurance.

MultiCare stated that an unauthorized individual gained access to an employee email account. The information in the emails likely contained personal patient information ranging from addresses to account balances. Facility added that financial information and Social Security numbers were not present on the affected email account.

After the incident the affected email account has been secured. Password has been changed. Facility initiated an investigation into the incident and has provided contact information for patients concerned about the status of their information.

About Multicare:

“MultiCare is a not-for-profit health care organization with more than 10,000 employees and a comprehensive network of services throughout Pierce, South King, Thurston and Kitsap counties.

Facilities heritage dates back to the founding of Tacoma’s first hospital in 1882. Since then, it has grown to meet the ever-changing needs of our region-always focusing on excellence, innovation and patient care.”

When  email account gets hacked one should follow below steps to minimize the damage:

Initial step is to assess the damage done by hackers.

Visit the website of your email provider and try to regain the access.

Change the password by authorised method. Check inbox and trash for any password reset emails, which were not initiated by you.

Scan your computer with anti virus software. Many emails are hacked today to install virus on your computer.

Review your personal settings.

Validate the source  of any program, game and app before downloading it.

_____________________________________________________________________________________________________

Alertsec Endpoint Encrypt is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Integrity Transitional Hospital data breach

November 2nd, 2016

Integrity Transitional Hospital based in Texas recently suffered a hacking attack. As per the Office for Civil Rights data breach reporting tool, this incident may have affected 29,514 patients.

The statement on the website began with following, ‘Integrity Transitional Hospital (“Integrity”) is deeply committed to protecting the security and confidentiality of the information in its care. Regrettably, this notice concerns an incident involving some of that information.’

Facility mentioned that it stores certain patient information on laboratory specimens from companies that work with various healthcare providers. Then specimens are submitted to laboratories for testing. The data is kept for billing purposes.

Affected information included some of the lab results, lab testing information, health insurance information, and scanned driver’s licenses associated with laboratory services. Social Security numbers and other financial information were not included in the breach.

“Integrity is committed to the security of the sensitive information it maintains and is taking this matter very seriously,” the hospital said. “To help prevent a similar incident from reoccurring, we are enhancing existing security on our systems related to the laboratory information we maintain.”

Facility belives that there is no such evidence which concludes that breached information is misused. It has began mailing letters to affected individuals. Dedicated call centre is established by the Integrity to answer queries regarding the incident.

Integrity Hospital adheres to the following values(as mentioned on its website):

Compassion: Provide the best care, treating patients and family members with sensitivity and empathy.

Integrity: Adhere to the highest standards of professionalism, ethics and personal responsibility, worthy of the trust our patients place in us.

Respect: Treat everyone in our diverse community, including patients, their families and colleagues, with dignity.

Excellence: Deliver the best outcomes and highest quality services through the dedicated effort of every team member.

 ___________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements.

Ransomware attack affects 33K

October 23rd, 2016

Rainbow Children’s Clinic recently suffered a ransomware attack. According to the reports, the attack left the data encrypted which was stored on the facility’s system. Rainbow mentioned that it shut down the computer system immediately to prevent the information from being lost.

But a forensic investigation team found that the patient records has been irretrievably deleted. Affected information includes patient names, addresses, dates of birth, Social Security numbers, and medical information.

Ransomware is computer malware that installs on a victim’s computer. Hackers use the technique mostly for the purpose of extorting money. It encrypts data with certain passcode. A ransom payment is asked to decrypt it or not to publish it publicly. Simple ransomware may lock the system but the data can be recovered by a knowledgeable person. More advanced malware encryption makes data inaccessible.

Other information which got impacted in Rainbow Clinic incident involves personal information related to patients’ payment guarantors, including guarantors’ names, addresses, Social Security numbers, and medical payment information. Facility mentioned that the affected individuals will be offered complimentary identity monitoring and identity theft resolution services.

“Rainbow Children’s Clinic takes the security of its patients’ information very seriously and has taken steps to prevent a similar event from occurring in the future, including strengthening its security measures and ensuring that its networks and systems are now secure,” Rainbow said.

As per the OCR data breach reporting tool, total 33,698 records got affected. As per the statement:

Notification letters mailed today include information about the incident and steps potentially impacted individuals can take to monitor and protect their personal information. Rainbow Children’s Clinic has established a toll-free call center to answer patient questions about the incident and related concerns. Additional information and recommendations for protecting personal information can be found on the Rainbow Children’s Clinic website.

The privacy and protection of patient information is a top priority, and Rainbow Children’s Clinic deeply regrets any inconvenience or concern this incident may cause.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Burrell Behavioral Health data breach

September 10th, 2016

Missouri-based Burrell Behavioral Health recently suffered data breach. Facility faced cybersecurity attack after unauthorized party accessed employee’s email account. It discovered the breach on on July 7, 2016. Internal investigation was launched immediately and the account was secured. According to the reports, unauthorized access occurred from July 6, 2016 to July 7, 2016.

“Burrell Behavioral Health has established a dedicated assistance line for anyone seeking additional information regarding this incident, as well as steps to better protect against identity theft. “

Affected information included clients’ names, addresses, dates of birth, Social Security numbers, doctor’s names, diagnoses, disability code, health insurance number, treatments, treatment locations and medical record numbers.

“We take any threat to the security of information entrusted to us very seriously,” Burrell Presdent and CEO Dr. Todd Schaible said in a statement. “Once the attack was discovered, we immediately took counter measures and also hired nationally-renowned computer forensic investigators to determine exactly what happened and what information was at risk. We apologize for any inconvenience or concern this incident may cause our community.”

As per the OCR data breach reporting tool, in total 7,748 individuals may have been affected. Burrell mentioned that the patient PHI in the email account was accessed, but that “information at risk varies for each individual.”

One year of complimentary credit monitoring and identity restoration is provided for the affected people. Facility asked people to remain vigil to avoid identity theft which includes-

Reviewing account statements, medical bills, and health insurance statements regularly for suspicious activity, to ensure that no one has submitted fraudulent medical claims using your name and address. Report all suspicious or fraudulent charges to your account and insurance providers. If you do not receive regular Explanation of Benefits statements, you can contact your health plan and request them to send such statements following the provision of services.

 ___________________________________________________________________________________

Alertsec is used by organizations that have recognized the need to protect their information.Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe.

Computer servers breached

August 28th, 2016

Indiana-based Orleans Medical Clinic announced possible healthcare data breach when one of its computer servers was hacked. According to the reports, facility became aware of the suspicious activity on April 17. After investigation, it confirmed hacking attack. The incident left EHR data unsecured on the server.

Unauthorised users had access to the information from April 5, 2016 to April 17, 2016.  Also,  facility got confirmation on July 21, 2016 of the individuals and information potentially affected by the incident. Immediately, Orleans Medical secured the server to avoid such incident again.

“While our investigation was not able to definitively conclude whether the hackers actually accessed or obtained a particular individual’s information, it would have been possible for the hackers to access and obtain patient information about all of our current and former patients, including medical records and demographic information such as date of birth and social security number,” Orleans Medical stated.

Facility asked patients to contact their bank or credit card company to make them know of the situation. Banking and credit card information were not affected by the incident.

Facility did not mention the number of patients potentially affected. According to the OCR data breach reporting tool, information of 6,890 individuals was affected. Facility also mentioned that the patient portal was not breached. One year complimentary identity theft services is setup. Also, patient notification letters have been sent out thru mail.

According to the statement:

We have reported the incident to the FBI, the U.S. Department of Health and Human Services Office for Civil Rights, and the Indiana Attorney General, each of whom has opened an investigation.

 

We deeply regret that this incident occurred. We are committed to providing quality care and protecting PHI. We have established a call center to answer any questions that patients may have about this incident.

“At Orleans Medical Clinic, our mission is to provide personalized, high-quality care on an as-needed or preventative basis.  We have created a practice that we believe in and would choose for our own family members.”

____________________________________________________________________________________________

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Neurosurgical Center data breach

August 20th, 2016

The Center for Neurosurgical and Spinal Disorders (CNSD) mentioned that approximately 1,100 patients may have been affected by recent data breach.  Security incident occurred this summer which exposed data. According to the reports, hacker gained unauthorised access of CNSD office manager’s computer by installing a program. The purpose of the program is to record keystrokes and periodically took screenshots of what was being displayed on the computer.

“We detected an unauthorized intruder in one of our computers. Access to this computer was immediately shut down; subsequently, CNSD’s servers and network were taken offline.”

“A subsequent investigation revealed that screen shots of 823 CNSD’s patients (along with 311 patients of another practice for whom CNSD bills) were taken between the dates of 7/7/16-7/18/16,” CNSD reported. “It is unclear whether any of this information was downloaded.”

As per the investigation by CNSD IT professional, hacker had gained remote access. Affected information included names, addresses, phone numbers, Social Security numbers, medical chart information, and billing information which got revealed in the screen shots. Affected patients will be receiving notification letters.

“After the FBI took the hacked hard drive, CNSD’s IT professional put in a new hard drive with a new operating system into the computer at issue, and CNSD hired a separate IT security company to perform a complete examination of all software, servers, computers, routers, firewalls, and office security,” the statement read. “No additional suspicious programs, viruses, spyware, or malware were detected. The security firm has been retained to provide ongoing network security analysis and advanced threat protection.”

As per the statement:

CNSD reported the security breach to the FBI. Two FBI agents came to CNSD’s office and interviewed the owner, office manager, and IT professional.  The FBI has taken custody of the hard drive which was hacked and opened an investigation.

____________________________________________________________________________________________

Alertsec is used by organizations that have recognized the need to protect their information.Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Check Point Full Disk Encryption.

Hillary Clinton email controversy and best practices for protecting data in your company

August 4th, 2016

According to the new reports, U.S. Attorney General Loretta Lynch mentioned that the Department of Justice is closing its case regarding Clinton. Earlier, clinton has used personal email account to conduct government business instead of official U.S. government email account.

Hillary received explicit warnings from the State Department’s cybersecurity team to stop using personal email. She had a private domain hosted on a private server placed in her home. This controversy can help us to understand the best data practices.

According to the comey,  Clinton and her colleagues were “sloppy,” “negligent,” and “extremely careless”  to handle classified information passing through her private server.

“Participants who know or should know that information is classified are still obligated to protect it,” said Comey at his press conference. He mentioned that everyone must be well trained and accountable for the information they handle, receive, read and exposed to. Proper training and sound implementation avoids security incidents.

“We [at the FBI] assess that it is possible that hostile actors gained access to Secretary Clinton’s personal email account,” said Comey at his press conference.

Many Clinton’s emails contained sensitive foreign intelligence data which can be compromised. Earlier, Clinton’s server was hacked in 2013.

“There are only two kinds of organizations,” MIT engineering and IT professor Stuart Madnick, who also serves as Director of the Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity, has said at numerous symposiums and conferences at MIT over the past couple of years. “Those that have been hacked and those that don’t yet know they have been hacked.”

“‘Prevention, prevention, prevention, that’s all I’m focused on,’ is gonna be doomed to failure,” said Chertoff in his keynote address at the Advanced Cyber Security Center’s 2014 annual conference. “You’re not gonna eliminate the risk of cyber attacks; this is about managing the risk.”

House Democrats tried to defend Clinton during the hearing saying she may not have noticed or may not have understood “tiny, little” markings of “(C)” next to some paragraphs in her emails.  It is for classified files.

“It’s possible that she didn’t understand what a ‘(C)’ meant when she saw it in the body of an email like that,” testified Comey, who further indicated that before his investigation, he likely would have automatically assumed that a State Department official would know what the ‘(C)’ meant. “[It’s] not that she would have no idea what a classified marking would be, [but] it’s an interesting question whether she … was actually sophisticated enough to understand what [‘(C)’] means.”

In your company make sure that employees should read, understand, acknowledge the policies and receive effective training to handle day to day data and its classification to consider them accordingly.

 ___________________________________________________________________________________

Alertsec is used by organizations that have recognized the need to protect their information. Over 4 million users worldwide use Alertsec Check Point Full Disk Encryption.

Hacking causes EHR breach

August 2nd, 2016

As per the notice on website, Athens Orthopedic Clinic in Georgia mentioned that it has experienced a potential EHR breach after a healthcare cybersecurity incident. Facility said that an external entity had launched a cyberattack on its EHR system using a third-party vendor’s credentials.

Affected information included names, addresses, Social Security numbers, dates of birth, telephone numbers, and, in some cases, diagnoses and partial medical histories. Facility did not mention the number of individuals affected.

Many have earlier mentioned the need to strengthen healthcare systems.

“You rarely hear healthcare as the focus of the cyber-security industry,” Ralph Echemendia, CEO of cyber-security consulting firm Red-e Digital says. “With the Sony hack, an entire corporation was taken completely down. Nobody could go to work. If you do that to a hospital, people die.”

Cybersecurity experts were hired to investigate the attack and assess facility systems. Cybersecurity firm’s recommendations are implemented to improve healthcare data security.

“We are in the process of notifying the affected patients, and deeply regret any stress this may cause our patients,” Kayo Elliott, CEO of Athens Orthopedic Clinic told OnlineAthens.com.

“Rest assured that we are taking all necessary measures to ensure that any resulting damage is limited to the extent possible and working to retain your trust in our practice. We advise that our patients contact credit reporting agencies to create a fraud alert as soon as possible; we have posted a statement on our website that includes credit reporting agency contact information.”

According to the website:

Athens Orthopedic Clinic has been providing comprehensive orthopedic care to Athens and surrounding communities since 1966. AOC is a healthcare facility with a long-standing tradition of excellence and service. As a total orthopedic care center, our physicians specialize in orthopedic surgery and handle the diagnosis and treatment of diseases and injuries of the bones, muscles, tendons, nerves and ligaments in both adults and children.

____________________________________________________________________________________________

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption software.

Data breach at North Ottowa Medical Group

July 20th, 2016

North Ottowa Medical Group suffered data breach along with many other healthcare facilities due to hacking incident at Bizmatics, an EHR vendor. Bizmatics notified Michigan-based medical group  about the data breach. It mentioned unauthorised user access of its server, but didn’t confirm whether North Ottawa Medical Group data was accessed or not.

According to the reports, about 22,000 individuals were affected by the healthcare data security event. Possible affected data relates to patients at the medical group’s employed physician practices, including the internal medicine, family practice, and women’s health offices.Disclosed information included names, addresses, health visit information, treatments, health insurance information, and Social Security numbers. The incident may have also exposed the last four digits of a credit card number for some patients.

The medical center mentioned that an independent cyber forensics firm, hired by Bizmatics, is working with the vendor. Also, law enforcement officials conducted a criminal investigation.

“These investigations found that there was no reason to believe patient files were the target of the attack,” the press release stated. “Further, investigators could not conclusively determine if there was, in fact, a PHI breach at all.”

North Ottowa Medical Center has notified affected individuals and the Department of Health and Human Services of the incident. Complimentary identity recovery assistance services for a year is also setup.

According to the website:

Nonetheless, out of an abundance of caution, NOCHS has reported this incident to the Department of Health and Human Services (DHHS), and is treating the situation as though an actual breach occurred. Therefore, in accordance with HIPAA law NOCHS has notified DHHS, NOMG patients, and by way of this news release, the community. NOMG patients will also receive identity recovery assistance services for a year, at no cost.

The North Ottawa Medical Group doctors, physician assistants and nurse practitioners work directly for and within the North Ottawa Community Health System and your community hospital. Our mission is to develop a personal, long-term relationship with you, as well as be our community’s most trusted, local partner in creating a healthier future for all.

____________________________________________________________________________________________

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption software.