Tag Archive for: weighs

Attorney weighs in on Norton ransomware attack letter

/in


LOUISVILLE, Ky. — Many Kentuckians recently got a letter in the mail from Norton Healthcare that said their personal information may have been stolen in a cyber attack.

What You Need To Know

  • Around 2.5 million people received a letter informing them their information may have been stolen in a ransomware attack on Norton Healthcare

  • The hospital system sent out the letter more than half a year after it discovered the attack

  • Norton said it took time to analyze the breach

  • A prominent attorney with Morgan & Morgan said waiting months to notify impacted patients is a problem because it leaves them at risk without notification that they need to protect themselves

It has been more than half a year since the Louisville-based hospital system first reported what it at the time called a “cyber event.”

Attorney John Yanchunis, who leads Morgan & Morgan’s consumer class action practice, said waiting that long to inform patients about the breach is a “real problem.”

“Obviously, a company following a breach will investigate,” Yanchunis said. “By law, most states require notification to the consumer within 30 days. There will be probably repercussions to the entity for having delayed. The problem with that is that consumers not having received timely notice aren’t put on notice that they need to protect themselves.”

According to Norton Healthcare, the letter was sent to around 2.5 million people. The letter said an unauthorized individual got access to the company’s network storage devices between May 7-9.

It said information obtained in the breach could include a patient’s name, birth date, social security number, driver’s license number, contact information, health records, financial account numbers and even digital signatures, along with other personal and identifying information.

At the time of the hacking, Norton had to take its network offline, as it received a fax with threats and demands. The company worked with forensic investigators. The letter said the breach took time to analyze.

In the letter, Norton offers two years of credit monitoring for patients who may have been affected through Kroll. The company provides credit monitoring services; however,

Source…

Cyber security expert weighs in on cyber attacks targeting hospitals – ABC 6 News

/in


Across the country, hackers are launching cyber-attacks against medical facilities.

This week, a cyber-attack hit Prospect Medical Holdings, a company with hospitals and clinics in multiple states.

It disrupted computer systems, forcing emergency rooms to shut down, and ambulances to be diverted.

And it’s part of a growing trend — the FBI says the average cost of a healthcare data breach reached nearly $11 million in 2023, a more than 50% increase since 2020.

Sai Huda, a cyber security expert joins ABC 6 weekend anchor Mayzie Olson to discuss the issue.

Source…

Cyber expert weighs in on CommScope ransomware attack

/in


CommScope was hit by a ransomware attack in late March and the hackers are claiming to have posted data taken from the company online.

Earlier this week, the Hickory-based fiber optic cable manufacturer said they were looking into these claims while also emphasizing they had seen no indication that client information has been compromised.

Brett Callow, a Canadian-based threat analyst with the firm Emsisoft, confirmed the hacker group Vice Society has posted a link to information purportedly taken from CommScope on the dark web, the part of the internet which is inaccessible by search engines and is often used by cybercriminals.

What exactly that data is, Callow can’t say.

“I don’t access the data in these cases,” Callow said. “I have no reason to further invade people’s privacy.”

People are also reading…

Online newspaper TechCrunch has reported the information includes employee information such as Social Security numbers and bank information.

Callow said he does not know who is behind the Vice Society hacking group but said they appear to have formed in 2021 and have targeted institutions such as schools but seem to now have moved on to larger organizations.

Callow also discussed how these attacks typically play out. Generally, he said, the hackers will infiltrate an organization’s system, copy data and then lock the organization’s system until they make good on the ransom.

“The ransom they demand then covers two parts: providing a key to unlock the computers and a pinkie promise that the stolen data will be destroyed,” Callow said.

While it is possible attackers may release the data even if a ransom is paid, Callow said the fact that data from CommScope has apparently been leaked online strongly suggests the company did not pay a ransom.

If so, that’s the right call, he said. While some organizations may have difficulty regaining access to their systems following an attack, Callow said…

Source…

Investornewsbreaks Sidechannel Inc. (SDCH) CEO Weighs In On…

/in


(MENAFN– Investor Brand Network) sidechannel
(otcqb: sdch) CEO and cybersecurity expert Brian Haugli was quoted in a recent IT Brew article focused on preparing for zero-day attacks. According to the article, titled“What’s a Zero-Day Attack (and How Can You Prepare for One)?”, these types of attacks occur when an attacker finds and exploits a weakness that is unknown to the vendor responsible for patching it. The weakness might be in software, operating systems, browsers, Java logging utilities or anywhere else, and companies have no time (hence the term“zero day”) to fix the problem. Instead, the article notes, a race begins between patch-makers and threat actors looking to exploit the open systems. The article provided helpful tips for defending against a zero-day threat, including keeping the attack surface small, trying to block paths and considering micro-segmentation. The article ended by saying:“A zero day will be a bad day, no doubt, said Brian Haugli, CEO at the cybersecurity and privacy firm SideChannel, but one that can hopefully be contained. ‘Let’s make sure that the entire rest of our company isn’t also compromised,’ Haugli told IT Brew.

To view the full article, visit

About SideChannel Inc.

SideChannel is committed to creating top-tier cybersecurity programs for mid-market companies to help them protect their assets. SideChannel employs what it believes to be skilled and experienced talent to harden these companies’ defenses against cybercrime, in its many forms. SideChannel’s team of C-suite level information security officers possess a combined experience of more than 400 years in the industry. To date, SideChannel has created more than 50 multilayered cybersecurity programs for its clients. For more information about the company, please visit .

NOTE TO INVESTORS:
The latest news and updates relating to SDCH are available in the company’s newsroom at

About InvestorWire

InvestorWire is the wire service that gives you more. From regional releases to global announcements presented in multiple languages, we offer the wire-grade dissemination products you’ll need to ensure that your next press release…

Source…