Tag Archive for: Prompts

S.E.C. Social Media Hack That Sent Bitcoin Soaring Prompts Investigation

/in


The hack of a social media account used by the Securities and Exchange Commission is prompting both internal and external investigations into how the security breach occurred and whether anyone tried to profit from it, said the commission and several legal experts.

The S.E.C. said in a statement on Wednesday that it was coordinating an investigation into the hack that occurred the prior day “with appropriate law enforcement entities, including the S.E.C.’s Office of the Inspector General and the F.B.I.”

John Reed Stark, a former S.E.C. enforcement lawyer and regulatory consultant on cybersecurity, said the commission’s inspector general would need to investigate how a hacker was able to access the S.E.C.’s official account on X — formerly Twitter — to post a false message that the commission had approved several Bitcoin investment products.

“This is, unfortunately, a glaring failure of basic cyber-hygiene,” Mr. Stark said.

He also said federal prosecutors would very likely open a separate investigation into whether the hack was part of an attempt to profit from changes in Bitcoin’s price spiking. Mr. Stark added that it did not matter whether the hackers made any money from trading during the 15 minutes or so the post was online, but whether they had the criminal intent to do so.

Daniel Hawke, a partner at the law firm Arnold & Porter and a former director of the S.E.C.’s market abuse unit, said the fake post had all the hallmarks of an attempt to “manipulate the crypto markets.”

Some in Congress also want to learn more about the hack and the S.E.C.’s diligence. The House Financial Services Committee on Wednesday afternoon sent a letter to Gary Gensler, the S.E.C.’s chair, asking for a “briefing” on the incident no later than Jan. 17.

A spokesman for the Justice Department declined to comment. A spokesman for the S.E.C.’s inspector general said, “We are currently evaluating the circumstances and reviewing the S.E.C.’s statements.”

In a post on Tuesday night, X said that the hacker had used a phone number associated with the S.E.C. account, and that the government agency did not have the two-factor authentication security feature in place to…

Source…

23andMe Hack Prompts DNA Testing Security Questions

/in


The FTC also claimed that Vitagene deceived consumers about their ability to delete their own data. Over a two-year period, the agency said, it warned the company at least three times about storing unencrypted genetic, health and other personal information in publicly accessible data “buckets.” Vitagene has since discontinued its product line.

What are the risks of hacked databases?

Amassing information, not copying DNA. When a person’s exposed data is combined with other known or discovered data, the peril increases. And no one knows how the emergence of artificial intelligence might play a role.

See more Technology & Wireless offers >

Source…

Ransomware attack prompts multistate hospital chain to divert some emergency room patients elsewhere

/in


NASHVILLE, Tenn. (AP) — A ransomware attack has prompted a health care chain that operates 30 hospitals in six states to divert patients from some of its emergency rooms to other hospitals while postponing certain elective procedures.

Ardent Health Services said it took its network offline after the Nov. 23 cyberattack, adding in a statement that it suspended user access to information technology applications such as software used to document patient care.

By Tuesday afternoon, more than half of Ardent’s 25 emergency rooms had resumed accepting some patients by ambulance or by fully lifting their “divert” status, Ardent spokesperson Will Roberts said. Divert status means hospitals have asked ambulances to take people needing emergency care to other nearby facilities. Roberts said hospitals nationwide have at times used divert status during flu season, COVID-19 surges, natural disasters and large trauma events.

The company said it could not yet confirm the extent of any compromised patient health or financial information. It reported the issue to law enforcement and retained third-party forensic and threat intelligence advisers, while working with cybersecurity specialists to restore IT functions as quickly as possible. There was no immediate timeline for resolving the problems.

Based in the Nashville, Tennessee, suburb of Brentwood, Ardent owns and operates 30 hospitals and more than 200 care sites with upwards of 1,400 aligned providers in Oklahoma, Texas, New Jersey, New Mexico, Idaho and Kansas.

Ardent said each hospital is still providing medical screenings and stabilizing care to patients arriving at emergency rooms.

In Amarillo, Texas, William Spell said he and his mother have had flu-like symptoms for days but couldn’t make a doctor’s appointment through an online patient portal because of the cyberattack.

“We are trying to figure out other options as to what to do next,” said Spell, 34.

BSA Health System – the Ardent umbrella provider for Spell’s clinic and other facilities in the city – said it was working to restore its patient portal and system for video doctors’ visits. Spell said his…

Source…

Cybersecurity ‘issue’ prompts computer shutdowns at MGM Resorts properties across US

/in


Casino and hotel giant MGM Resorts International says a cybersecurity issue led to the shutdown of computer systems at its properties across the U.S. A statement Monday from the Las Vegas-based company said the incident began Sunday, and the extent of …

ByThe Associated Press

September 11, 2023, 2:58 PM

FILE - The Las Vegas Monorail passes by MGM Grand, April, 27, 2006, in Las Vegas. A “cybersecurity issue” led to the shutdown of some casino and hotel computer systems at MGM Resorts International properties across the U.S., a company official reported Monday, Sept. 11, 2023. (AP Photo/Jae C. Hong, File)

FILE – The Las Vegas Monorail passes by MGM Grand, April, 27, 2006, in Las Vegas. A “cybersecurity issue” led to the shutdown of some casino and hotel computer systems at MGM Resorts International properties across the U.S., a company official reported Monday, Sept. 11, 2023. (AP Photo/Jae C. Hong, File)

The Associated Press

LAS VEGAS — A “cybersecurity issue” led to the shutdown of some casino and hotel computer systems at MGM Resorts International properties across the U.S., a company official reported Monday.

The incident began Sunday. The extent of its effect was not immediately known on reservation systems and casino floors in Las Vegas and states including Maryland, Massachusetts, Michigan, Mississippi, New Jersey, New York and Ohio, company spokesman Brian Ahern said.

The FBI is “aware of the incident,” the bureau said in a statement from its national press office. It characterized the event as “still ongoing” and did not disclose details.

MGM Resorts said in a statement it identified a “cybersecurity issue affecting some of the company’s systems” and that its investigation involved external cybersecurity experts.

The nature of the issue was not described, but the statement said efforts to protect data included “shutting down certain systems.” It said the investigation was continuing.

A post on the company website said the site was down. It listed telephone numbers to reach the reservation system and properties.

A post on the company’s BetMGM website in Nevada acknowledged that some customers were unable to log on.

The company has tens of thousands of hotel rooms in Las Vegas at properties including the MGM Grand, Bellagio, Cosmopolitan, Aria, New York-New York, Park MGM, Excalibur, Luxor, Mandalay Bay and Delano.

It also operates properties in China and Macau.

Source…