Tag Archive for: $15k

Additional 15K added to Eye Care Leaders’ already record-setting breach tally


An Air Force ophthalmologist performs surgery on a patient on Sept. 1, 2022. (Army)

Another 15,000 patients have been added to the breach tally of the Eye Care Leaders ransomware attack from nearly one year ago.

Massengale Eye Care issued a breach notice to patients in late October, informing them that their data was also compromised during what remains the largest incident reported in healthcare this year at nearly 3.7 million impacted patients.

While mainstream media outlets have recently warned that the CommonSpirit Health cyberattack could impact 20 million patients, the massive health system’s financial report from this week again stated that they are still investigating and have not found evidence of patient data impacts. As such, ECL still holds the dubious top position.

As reported, ECL’s EMR was hit with a ransomware attack on Dec. 4, after a threat actor accessed the platform and deleted databases and system configuration files. Without the data, it was not possible to identify whether the data was accessed or exfiltrated before it was deleted.

The compromised data varied by provider and patient, and for Massengale the data could include names, contact information, dates of birth, Social Security numbers, diagnostic details, and health insurance information.

ECL has not issued its own breach notice with the Department of Health and Human Services, as it defends itself against a provider-led lawsuit accusing the cloud EMR vendor of concealing additional ransomware incidents deployed earlier this year.

A number of providers affected by those alleged incidents spoke exclusively with SC Media, detailing their frustration over the stonewalling. The lawsuit status was last updated in October, with at least 13 filings to extend the time to respond to the claims and two more filings requesting the case be dismissed. In these filings, ECL has repeatedly denied these claims.

CorrectCare security incident swells to 607K impacted individuals

Two more healthcare entities have filed breach notices with HHS, after their medical claims processing vendor CorrectCare informed them that their patient information was exposed due to two misconfigured file databases in July.

CorrectCare Integrated…

Source…

Security firm Veracode sponsors $15K hacking competition for universities


The application security testing firm Veracode announced Thursday it’s sponsoring an ethical hacking competition featuring teams from eight U.S. and U.K. universities and will award $15,000 in prizes.

Running from March 15 to 26, the Hacker Games — an apparent nod to the teenage battle royale series “The Hunger Games” — will pit groups of student coders against each other as they attempt to find vulnerabilities in real pieces of software. The contest, the company said, will “explore practical examples of real-world threats” and challenge students to either exploit flaws or patch them before they can be compromised.

The company said the competition was motivated by a statistic from the Department of Education that just 3% of bachelor’s degrees awarded by U.S. colleges include cybersecurity-related skills, while just 5% of computer science degrees awarded by British schools meet that standard, according to the U.K.’s National Cyber Security Centre.

“With mounting pressure on developers to deliver software that is secure and keeps society safe from harmful cyberattacks, gaining foundational security knowledge translates to fewer exploitable problems during production and after deployment,” Chris Wysopal, Veracode’s chief technology officer and one of the company’s co-founders, said in a press release.

Before founding Veracode in 2006, Wysopal — whose code name is “Weld Pond” — was part of a hacker collective known as L0pht, members of which were among the first cybersecurity experts to tell members of Congress, in 1998, just how vulnerable the internet is to malicious activity. The group also included Pieter “Mudge” Zatko, who was hired last November as Twitter’s head of security.

Based in Burlington, Massachusetts, Veracode has seen its value rise in recent years, first being acquired in 2017 by CA Technologies for $614 million and being sold the following year for $950 million to the venture capital firm Thoma Bravo.

The participating U.S. schools include Stonehill College, Indiana University, Tufts University and the University of Virginia. U.K. schools include University of Birmingham, University of Warwick, University of York…

Source…

Black Hat hacker claims he can make $15k to $20k an hour – GigaOM

Black Hat hacker claims he can make $ 15k to $ 20k an hour
GigaOM
After spending three years coding his system, throw4way1945 says he regularly manages his botnet and a smaller, 10,000-bot Android system. Clients pay for services, like 1 million spam messages sent in 50,000-chunk blocks for $ 150, as well as DDoS 

android botnet – read more