Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Twelve US states join for the first time to file multistate data breach lawsuit

Catalin Cimpanu has a good write-up about the multistate lawsuit against Medical Informatics that I noted earlier this week:

Attorneys general from twelve US states have joined together to file the first-ever joint cross-state HIPAA lawsuit against a healthcare provider that got hacked in the summer of 2015.The lawsuit, filed in an Indiana court on Monday, alleges that Medical Informatics Engineering and its subsidiary NoMoreClipboard –collectively known and doing business as MIE– had “failed to take adequate and reasonable measures to ensure their computer systems were protected.”

Catalin bulletpoints the alleged security failures in a way that indicates that MIE had been warned/advised not to use certain generic accounts, but continued to use them anyway (because a client requested it), and that failure combined with sqli attacks returning helpful error messages ultimately enabled attackers to exfiltrate massive amounts of data. And to compound problems, MIE allegedly...(continued)

View All Trending Stories