Viewing entries tagged
cybercrime

Healthcare Data Breach Costs Highest of Any Industry at $408 Per Record

According to a new study from IBM Security and the Ponemon Institute, the cost of a data breach for healthcare organizations continues to rise, from $380 per record last year to $408 per record this year. 

For the eighth year in a row, healthcare organizations had the highest costs associated with data breaches. The next highest industry was financial services with an average of $206 per lost or stolen record - half of what it cost the healthcare industry. The cost for healthcare organizations is also nearly three times higher than the cross-industry average of $148 per lost or stolen record.

LabCorp Breach May Have Exposed Millions of Medical Records

LabCorp, one of the nation’s largest medical diagnostics companies, is investigating a security breach that may have put health records of millions of patients at risk.

In a filing with the Securities and Exchange Commission, the company says it detected “suspicious activities” on its network over the weekend of July 14 and “immediately took certain systems offline as part of its comprehensive response to contain the activity.” 

It's Time to Stop Believing These 4 Cybersecurity Myths

Cybersecurity. In recent years, this term has officially became a household name. Rarely does a day pass without news of a cybersecurity breach wreaking havoc on an organization and its customers or patients. 

Luckily, these highly public breaches have led more small-mid size businesses to consider the threat that cybercrime may pose to their enterprise. In our experience, many of these organizations have a few misconceptions when it comes to developing a strong security posture. In order to defend themselves against the risks they face, organizations need to debunk these myths. Here are four of the most common myths:

Tech Support Scam Losses Rose 86% in 2017

Tech support scams last year resulted in $15 million in losses, an increase of 86% over 2016, according to the FBI Internet Crime Complaint Center (IC3).

In 2017, IC3 received approximately 11,000 complaints related to tech support fraud. The claimed losses amounted to nearly $15 million. While a majority of tech support fraud involves victims in the United States, IC3 has received complaints from victims in 85 different countries.

Social Engineering: How Cybercriminals Exploit Human Behavior (1/3)

Social Engineering. 

It sounds like something that might have a department devoted to it at Facebook Headquarters. But the truth is that social engineering is a type of security breach that takes advantage of human behavior to pull off a cyberattack.

New Tax Fraud Scam Targeting Tax Professionals

With the emergence of a new tax fraud scheme, The Internal Revenue Service is urging tax professionals to step up security and beware of phishing emails that can secretly download malicious software that can help cybercriminals steal client data.

Only a few days into the filing season, a scam was identified that began with cybercriminals stealing data from several tax practitioners’ computers and filing fraudulent tax returns.

Tax refund fraud affects hundreds of thousands, if not millions, of U.S. citizens annually. Victims usually first learn of the crime after having their returns rejected because scammers beat them to it.

California Predicted to Lose $329M to Cybercrime in 2018

Cybercrime is expected to cost Californians big-time in 2018. Using publicly available data from the FBI and the Insurance Information Institute, researchers at Website Builder Expert have predicted individuals in the Golden State will lose $329 million over the course of this year.

Second place, New York, is expected to lose $139.4 million. Third place, Florida, is expected to lose $111.7 million to cybercriminals this year. These figures put California far ahead of all other states for cybercrime losses.

Global levels of fraud, cyber and security incidents reached all-time high in 2017

Businesses reported all-time high levels of fraud, cyber and security incidents during 2017, according to senior corporate executives surveyed worldwide for the 2017/18 Kroll Annual Global Fraud & Risk Report.

About 84% of companies surveyed worldwide experienced a fraud incident in 2017, according to the report. 

The proportion of executives reporting that their companies fell victim to at least one instance of fraud over the past 12 months increased to 84%, from 82% in the previous year. Levels of reported fraud have steadily risen every year since 2012, when the reported occurrence was just 61%.

California health system fined $2 million for making patient data public online - twice.

Santa Barbara, California-based Cottage Health System has agreed to a $2 million settlement with the state attorney general resolving allegations that the health system failed to implement “basic, reasonable safeguards to protect patient medical information”, which led to the exposure of nearly 55,000 medical records.

According to California Attorney General Xavier Becerra, the health system’s failure to protect patient medical information violated state and federal privacy laws. The state alleged the health system failed to adequately protect patient records.

In December 2013, Cottage Health was notified its patients’ records were accessible online, as one of its servers that contained 50,000 patient records was left unencrypted. Worse yet, there was no password protection, firewalls or permissions to prevent unauthorized access. Exposed information included medical history, diagnosis, laboratory test results, and medications.

Uber discloses a 2016 data breach affecting 57M users, after concealing it for a year

On Tuesday, November 21, Uber officially disclosed a massive data breach that affected 57 million users of the ride-hailing app. The breach originally occurred in October of 2016 with Uber working to conceal it for over a year after paying a $100,000 ransom.

Discovery of the company’s cover-up of the incident resulted in the firing of two employees who led Uber’s response to the hack, said Dara Khosrowshahi, who was named CEO in August following the departure of founder Travis Kalanick.

Khosrowshahi said he had only recently learned of the breach, which happened in October 2016. He said Uber had begun notifying regulators. The New York attorney general has opened an investigation into the data breach, a spokeswoman said.