Email address

Ascension Health Facility hit by Email Phishing Scam

April 25th, 2015

Ascension Health Facility suffered consecutive data breaches due to email phishing scam. It is not confirmed whether two incident were related to each other. Seton Family of Hospitals, a division of Seton Healthcare Family (“Seton”) announced the breach on the website. According to the reports, 39,000 patients’ got affected. Username and passwords was targeted by the scammers.

“St.Vincent Medical Group sincerely apologizes for any inconvenience this unfortunate incident may cause and assures all of its patients that the faith-based organization is taking appropriate measures to avoid an incident of this nature happening in the future,” the facility said in a statement.

The exposed information includes patient demographic information, such as names and dates of birth, medical record numbers, insurance information, limited clinical information, and Social Security numbers in a few cases. Medical records or billing records were not included in the breach.

“Seton launched an investigation into the matter, and the investigation has required electronic and manual review of affected emails to determine the scope of the incident,” Seton said in its statement. “Seton engaged computer forensics experts to assist with the investigation.”

The facility said that patients who had their Social Security numbers potentially exposed will receive free identity monitoring and protection services. Seton said that it is working with its email service provider “to evaluate ways to enhance its already robust security program,” and will provide more employee education on email phishing scams.

“We value the privacy and security of protected information, and we are committed to protecting the confidentiality and privacy of our patients and employees,” Garza said. “It is our priority to support those who have been affected.”

Security Breach in California

January 20th, 2015

California Pacific Medical Center (CPMC) mentioned in recent press release that one of its pharmacist employees possibly accessed patient records with no apparent business or treatment reason. There is possibility of data breach due to this incident. As per the policy, CMPC terminated its relationship with the pharmacist employee when the incident was discovered. CPMC audit of its electronic medical record (EMR) system revealed the probable data breach.

Affected information includes the last four digits of patient Social Security numbers, clinical information, and prescription information. CPMC notified affected 844 patients about the incident. According to the press release:

 The type of information varied for each patient. While the employee potentially viewed the last four digits of some social security numbers, the employee did not have access to full Social Security numbers, driver’s license numbers, California identification numbers, credit card numbers or financial account information. CPMC has no evidence of a malicious intent or any unauthorized sharing of patient information by the employee. CPMC believes that the employee accessed the information out of curiosity.

No action is required by the patients in response to CMPC’s notice.

CPMC takes patient privacy very seriously. CPMC has also reiterated to all staff that policy allows them to access patient information only when necessary to perform job duties and that violating this policy may result in loss of employment.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

 

League of Legends suffers security breach

August 20th, 2013

League of Legends players were warned of a security breach, which was expected to result in the theft of some user data. Affected payers were sent notifications depending on how they were affected. This security breach led to the promotion of implementation of some new security features that are now in development.

According to the company, the data breach resulted in compromise of some usernames, email addresses, names and passwords. As the passwords were encrypted, the hacker will not be able to use them to access accounts, but could use the other information stolen to breach accounts.

About 120,000 transaction records dated in 2011 were accessed in this breach. These transaction records contained credit card numbers, and were part of a system that it says has not been used since 2011, when the records were produced.

Players located in North America were only affected in this breach incident, all of whom were asked to change their password within 24 hours and the new ones should be more complex and hard to guess. The requirement will follow an automatic prompt that appears when a player tries to log in, but gamers can get a jump on this by changing the password on their own now.

As a result of this breach, new security measures have spawned, two of which are currently being developed: email verification and two-factor authentication. The email verification will require registration and account changes to be made by verifying a valid email address, while two-factor authentication will need to be verified using a text message or email.

“We’re sincerely sorry about this situation,” Riot Games’ Marc Merrill and Brandon Beck said in a statement. “We apologize for the inconvenience and will continue to focus on account security going forward.”

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Ubisoft website hacked, account information compromised

June 25th, 2013

Data breaches have been penetrating at a rapid pace and when it comes to websites, they are not strangers to data breach incidents. The latest one to be affected by breach is Ubisoft.

The server of Ubisoft, the game developer behind the great success of “Assassin’s Creed” and “Far Cry” was hacked and a database containing log-in names, email addresses and passwords of the users was accessed illegally by the hackers.

Following the consequences, the firm had closed all the access to their server and started a thorough investigation. All the users were requested to change their passwords and email address.

Ubisoft officials stated “Out of an abundance of caution, we also recommend that you change your password on any other website or service where you use the same or a similar password,”Looking on the positive side, none of the personal payment data of the user was stored on the website, so there was no scope of debit or credit card information data breach. However, email addresses, user names and encrypted passwords were at danger.

Richard Henderson, a security researcher for Fortinet, a cyber security firm, said some major gaming companies are under the watch of hackers who intend to steal account details of users.

An Email by Richard said “All of this info is quite valuable in the ‘virtual gold’ and account markets.”

There may be a possibility that database information of users were not compromised, but still dealing with data breach of this nature proved to be a great challenge for users. In the case of data breach,it is easy for hackers to gain access of the passwords, as a result people using the same username and passwords for other websites would have to pay for this unintentional mistake. Users may end up with spam mails in their inbox associated with the stolen e-mail address.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta