Phishing attack exposes data of more than a million patients across Midwest

Nearly 1.4 million people across the U.S. Midwest may have had their personal information exposed in a data breach at one of the region’s largest health care networks.  UnityPoint Health, a network of hospitals, clinics, and home care services in Iowa, Illinois, and Wisconsin, said this week that multiple internal email accounts were compromised between March 14 and April 3, following a series of phishing attacks.  The phishing emails were disguised to appear to have originated from a “trusted executive” within UnityPoint Health.  The stolen data included patient names, addresses, dates of birth, extensive medical records including surgical information and lab results, insurance information and, in some cases, Social Security, bank account, and driver’s license numbers.  According to UnityPoint Health’s press release, the attack was likely financially motivated, rather than focused on obtaining patient information, as the hackers tried to use the company’s email system to divert payroll or vendor payments.  Stolen personal […]

The post Phishing attack exposes data of more than a million patients across Midwest appeared first on Cyberscoop.

Continue reading Phishing attack exposes data of more than a million patients across Midwest

DOJ regrets the error on OPM-linked fraud case

The Department of Justice has apologized for confusion over its announcement last month that a fraudster used information stolen in the infamous 2015 Office of Personnel Management breach — an episode that confounded lawmakers and ran counter to publicly available information on the breach. The confusion began after DOJ announced on June 18 that a Maryland woman had pleaded guilty to using stolen OPM data to get car and personal loans. The public assumption had been – and still is – that Chinese hackers had stolen the data for espionage purposes. But DOJ now says that it hasn’t yet determined whether the woman and her accomplice got the data from the OPM breach or somewhere else. After an internal review, the U.S. Attorney’s Office for the Eastern District of Virginia appended a statement to its press release saying that “numerous victims” of the fraud self-identified as victims of the OPM breach. “The government […]

The post DOJ regrets the error on OPM-linked fraud case appeared first on Cyberscoop.

Continue reading DOJ regrets the error on OPM-linked fraud case

2017 was a big year for data breaches – What will 2018 be like as GDPR finally kicks in?

Last year many companies had to deal with data breaches and cyber threats. Hardly a week passed without an organisation like Uber, Xbox and Yahoo suffering a major data breach and many more businesses became victims as well. Sometimes it takes publicit… Continue reading 2017 was a big year for data breaches – What will 2018 be like as GDPR finally kicks in?

Organizations Are Overlooking Mobile Devices for GDPR Compliance

The dawn of the European Union General Data Protection Regulation (GDPR) is upon us, but organizations are overlooking the risk of mobile devices. The cost for non-compliance is steep. For example, if the Equifax breach occurred under GDPR, it is esti… Continue reading Organizations Are Overlooking Mobile Devices for GDPR Compliance

Mulvaney: CFPB hit by over 200 data ‘lapses’

The head of the Consumer Financial Protection Bureau revealed Thursday that the agency had suffered some 240 “lapses” in data security over an unspecified time period, in addition to a suspected 800 other such incidents. “We have been able to document about 200-odd – I think 240 – lapses in our data security,” Acting CFPB Director Mick Mulvaney told the Senate Committee on Banking, Housing, and Urban Affairs during a hearing on the bureau’s semi-annual report to Congress. “Lapses – is that a breach?” Sen. David Perdue, R-Ga., asked Mulvaney during a tense exchange. “I think data got out that should not have gotten out,” Mulvaney replied, adding, “there’s another 800 [incidents] that we suspect that we haven’t been able to confirm.” As part of its mandate to protect consumers, the CFPB has the right to collect data on credit card transactions, mortgages, and car loans, Mulvaney said. “Everything that […]

The post Mulvaney: CFPB hit by over 200 data ‘lapses’ appeared first on Cyberscoop.

Continue reading Mulvaney: CFPB hit by over 200 data ‘lapses’