Tag Archive for: Advocate

Data breach in Advocate Aurora Health system may have exposed up to 3M patients’ information


A data breach in the Advocate Aurora Health hospital system may have exposed up to 3 million of Wisconsin and Illinois patients’ personal health information to outside companies like Google and Facebook.

Advocate Aurora is the largest health care provider in the state, with 17 hospitals across Wisconsin. Health care organizations, hospitals and clinics are subject to the federal Health Insurance Portability and Accountability Act, or HIPAA, law, which protects people’s personal health information. 

The hospital system uses online tracking technologies like Google and Facebook and its “pixels” — or tiny bits of code or images — that collect data on users and the information they see on a page, which made its platform vulnerable to attack, according to its notice this week. Those pixels were on “patient portals” through its MyChart and LiveWell websites and applications, which track and send data on users to third-parties.

“These pixels would be very unlikely to result in identity theft or any financial harm, and we have no evidence of misuse or incidents of fraud stemming from this incident,” the statement said. “Nevertheless, we always encourage patients to regularly review their financial accounts and report any suspicious, unrecognized or inaccurate activity immediately.”

The information at risk includes patients’ medical providers, IP addresses, dates and locations of scheduled appointments, among other sensitive materials. The health system alerted the Department of Health and Human Services on Friday, the Associated Press reported

Advocate Aurora has disabled its use of pixels from its platforms. In its notice, the company said no Social Security or financial information was breached.

University of Wisconsin-Madison computer science professor Paul Barford, an expert in Internet security, was shocked a health care application would use pixels on its page.  

“It’s a real surprise that a commercial entity that is interacting with people related to their health, would think that this is something that’s reasonable, and proceed with it,” he said. 

The organization said it’s “not aware of any misuse of information arising from this incident,” but urges patients to take…

Source…

The EU Remains the Best Advocate for Global Democracy


Russian president Vladimir Putin enjoys running circles around the European Union (EU). China may cherry-pick partners among EU members. Turkey can destabilize the region by releasing migrants. Even Belarus challenges the EU in a way unthinkable only a few years ago. Events may yet take a turn for the worse in the Caucasus, Bosnia-Herzegovina, and Ukraine with rumors of military action launched by Russia.

Europe’s lack of hard power may be laid bare in the months to come. Europe is not projecting military power, not invading other countries, not threatening neighbors, not waging cyber warfare, and not operating a global intelligence network. It is also not using its considerable economic power to pursue political goals.

These weaknesses, in a strange way, also reveal Europe’s sole strength.

Europe is gradually becoming the last genuine defender of democracy and human rights. A few countries outside of Europe may also claim this title, but they are far between. Europe is not flawless, but compared to illiberal democracies, autocratic or authoritarian regimes, it remains a beacon.

The EU is often depicted as an undemocratic bureaucracy run by technocrats in Brussels. This is incorrect. No decision is taken by the EU without approval in the European Council. Each member state is represented by a minister sent by their national government and held accountable by their national parliament. Most decisions require the consent of both the Council and the European Parliament, which is composed of 705 members elected directly by the European people. This relationship between the Council and the Parliament is somewhat akin to that of the Senate and the House of Representatives in the United States, but less confrontational. The European Commission, the executive institution of the EU, consists of one member nominated by each member state. The Commission can only take office after a vote of approval in the directly elected European Parliament. The Parliament also has the ability to dismiss and dissolve the European Commission.

Several countries in Central and Eastern Europe are not role models of democracy. But this critique is overblown. Observers outside Central and Eastern Europe…

Source…

SolarWinds hack sets experts scrambling | Western Advocate


news, world

Suspected Russian hackers who broke into US government agencies also spied on less high-profile organisations, including groups in Britain, a US internet provider and a county government in Arizona, according to web records and a security source. More details were revealed on Friday of the cyber espionage campaign that has computer network security teams worldwide scrambling to limit the damage. US Secretary of State Mike Pompeo told a radio show the intrusion appeared to come from Russia. “I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity,” he told the Mark Levin show. Networking gear maker Cisco Systems said a limited number of machines in some of its labs had been found with malicious software on them, without saying if anything had been taken. A person familiar with the company’s ongoing probe said fewer than 50 were compromised. In Britain, a small number of organisations were compromised and not in the public sector, a security source said. Shares in cyber security companies FireEye, Palo Alto Networks and Crowdstrike Holdings rose on Friday as investors bet that the spate of disclosures from Microsoft Corp and others would boost demand for security technology. Reuters identified Cox Communications and Pima County, Arizona, government as victims of the intrusion. The hack hijacked ubiquitous network management software made by SolarWinds Corp. The breaches of US government agencies, first revealed by Reuters on Sunday, hit the Department of Homeland Security, the Treasury Department, State Department and Department of Energy. In some cases the breaches involved monitoring emails but it was unclear what hackers did while infiltrating networks, cybersecurity experts said. Trump has not said anything publicly about the intrusion. He was being briefed “as needed”, White House spokesman Brian Morgenstern told reporters. National security adviser Robert O’Brien was leading interagency meetings daily, if not more often, he said. No determinations have been made on how to respond or who was responsible, a senior US official said. SolarWinds, which disclosed its unwitting role at the centre of the global hack…

Source…