Security Leftovers
-
Security updates for Thursday
Security updates have been issued by Debian (firefox-esr, json-c, opendmarc, and otrs2), Red Hat (java-1.8.0-ibm and kpatch-patch), Scientific Linux (kernel), Slackware (mozilla), SUSE (haproxy, php7, vim, and xen), and Ubuntu (elfutils, frr, and linux-gcp, linux-starfive).
-
One month later, Ranhill still hasn’t fully recovered from cyberattack
More than one month later, it appears that Ranhill has still been unable to fully recover. DataBreaches previously reported complaints on Facebook about the payment app not working. It still isn’t working, and Ranhill does not even reply Facebook to customers who are frustrated and complaining about the inability to pay, as a “Wake up, Ranhill” message posted a few days ago suggests. Another customer complains because they have not received their bills for the past three months and can’t get them because the website is (still) down.
-
Data breach could affect more than 100,000 in Pima County
More than 100,000 Pima County residents could be affected by a nationwide data breach that affected the company that handled COVID-19 case investigations and contact tracing here, officials say.
The company, Maximus Health Services Inc., notified the county earlier this month that data stolen from a breach of Progress Software Corporation’s MOVEit Transfer application in May included information on about 110,000 Tucson area residents, a news release from the county health department said.
-
UMinn sued, accused of taking insufficient action to prevent data breach
A lawsuit filed on behalf of a former student and former employee at the University of Minnesota accuses the university of not doing enough to protect personal information from a recent data breach.
Attorneys for the two plaintiffs said in the lawsuit filed in federal court Friday that the university “was fully capable of preventing” the breach, the Minneapolis Star Tribune reported Wednesday.
-
Singing River Health System still recovering from recent cyberattack
Surgeries delayed, prescriptions needing to be written by hand, and some patients being transferred to other hospitals. These are all affects of the recent cyberattack at Singing River Health System.
“We still deliver great patient care,” said Dr. Randy Roth, Singing River Chief Medical Officer. “It’s a little bit slower. For us guys with the gray hair, we’re back to paper. We’re practicing like we did in 2011, 12, before we got on EPIC.”
EPIC is Singing River’s medical record system. The system that was hacked.
-
LogicMonitor customers who didn’t change default passwords were hit by hackers
Some customers of the network security company LogicMonitor have been hacked due to the use of default passwords, TechCrunch has learned.
The incident is due to the fact that, until recently, LogicMonitor was assigning customers default — and weak — passwords such as “Welcome@” plus a short number, according to a source at a company that was impacted by the incident, and who asked to remain anonymous as they were not authorized to speak to the press.