<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 6/22/2021

SHARE

Breaches

Embryology Data Breach Follows Fertility Clinic Ransomware Hit

A fertility clinic serving the Atlanta area has been hit with a ransomware attack that also exposed private health information for 38,000 of its patients. Reproductive Biology Associates (RBA), along with its affiliate My Egg Bank North America, is a well-known pioneer in in-vitro fertilization (IVF). After launching in 1983 as Georgia's first IVF program, it became first on the East Coast to achieve pregnancy from a frozen embryo, and the first in the Western Hemisphere to report a birth from frozen donor eggs. READ MORE...


Ohio Medicaid Provider Suffers Data Breach

A security incident at an Ohio Medicaid provider last month may have resulted in the theft of personal data. On Monday, the Ohio Department of Medicaid warned that an unknown party had accessed data in the care of Maximus for two days in May without authorization. Maximus was hired by the department to carry out data management. The company employs about 30,000 workers worldwide, with approximately 10,000 of those employees working at 11 call centers in nine states in the United States. READ MORE...

Hacking

Agent Tesla RAT Returns in COVID-19 Vax Phish

The Agent Tesla remote access trojan (RAT) is scurrying around the internet again, this time arriving via a phishing campaign that uses a COVID-19 vaccination schedule as a lure. Spotted by researchers at the Bitdefender Antispam Lab, the attackers are targeting Windows machines using emails with malicious attachments. The body of the mails take a business-email approach and ask recipients to review an "issue" with vaccination registration. READ MORE...

Information Security

Krebs on Security: How Cyber Safe is Your Drinking Water Supply?

Amid multiple recent reports of hackers breaking into and tampering with drinking water treatment systems comes a new industry survey with some sobering findings: A majority of the 52,000 separate drinking water systems in the United States still haven't inventoried some or any of their information technology systems - a basic first step in protecting networks from cyberattacks. READ MORE...


Finger Scanning Costs Six Flags $36m

Theme park operator Six Flags Great America has agreed to pay $36m to settle a class-action lawsuit concerning the gathering and collection of its customers' biometric data. Filed in Lake County, Illinois, the lawsuit alleges that the use of finger-scanning equipment used at Six Flags entry gates violated the Prairie State's Biometric Privacy Act. The act regulates how companies collect and use an individual's retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. READ MORE...

Exploits/Vulnerabilities

Bugs in NVIDIA's Jetson Chipset Opens Door to DoS Attacks, Data Theft

Flaws impacting millions of internet of things (IoT) devices running NVIDIA's Jetson chips open the door for a variety of hacks, including denial-of-service (DoS) attacks or the siphoning of data. NVIDIA released patches addressing nine high-severity vulnerabilities including eight additional bugs of less severity. The patches fix a wide swath of NVIDIA's chipsets typically used for embedded computing systems, machine-learning applications and autonomous devices such as robots and drones. READ MORE...

On This Date

  • ...in 1940, France formally surrenders to Germany, following a nearly two-month invasion by the Axis powers.
  • ...in 1942, Congress officially recognizes the Pledge of Allegiance.
  • ...in 1969, the Cuyahoga River catches fire near Cleveland, OH, drawing national attention to the problem of water pollution.
  • ...in 1978, astronomer James W. Christy discovers Charon, the largest moon of Pluto.