Annual Breach Notification Deadline to OCR Looming
HIPAA requires that covered entities notify the Office for Civil Rights (OCR) of any breaches of unsecured protected health information that affects less than 500 individuals in a calendar year within...
T-Mobile: Leaky API Exposes Data on 37 Million
U.S. Telecommunications giant T-Mobile disclosed on Thursday that hackers obtained data on 37 million customers through a vulnerable API (application program interface). The disclosure was included in an 8-K filing with...
IoCs vs. EoCs: What’s the difference and why should you care?
Security analysts and threat hunters know the importance of IOCs – indicators of compromise. But EOCs - enablers of compromise - are just as important.
The post IoCs vs. EoCs: What’s...
Chinese-Based Hackers Alleged to Have Stolen $20M in COVID-19 Relief Fraud Schemes
According to NBC News and Reuters, the United States Secret Service confirmed that hackers from APT41, a criminal cyber-hacking group linked to the Chinese Communist Party, stole “at least $20 million...
State Bar of Georgia Reveals Security Incident to Employees and Members
The State Bar of Georgia recently disclosed that it was the victim of a cybersecurity incident in April 2022, when an unauthorized individual accessed its systems and compromised the data of...
ParkMobile Can’t Escape Data Breach Class Action
The class action lawsuit will continue against ParkMobile LLC for a data breach that affected 21 million users of the parking app (Baker v. ParkMobile LLC).The ParkMobile app allows users to...
Neopets Breach Affects 69M Users
What is Neopets, you ask? It is a virtual pet website that gives members the ability to “own, raise, and play games with their virtual pets.” According to BleepingComputer, Neopets has...
Lending Tree Notifies 70,000 Customers of Data Breach
Online mortgage lender Lending Tree sent breach notification letters to affected individuals on June 29, 2022. The letter advises those persons that their name, social security number, date of birth, and...
Verizon’s 2022 Data Breach Investigations Report: A Must Read
I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. (Just goes to show how long I have been...
Chicago Public Schools Notifying Students and Staff of Vendor’s Ransomware Attack
The Chicago Public Schools system is in the process of notifying students, families and some current and former employees that their personal information was compromised as a result of a ransomware...