Helvede

Francois DionAnother useful viz for tonight's <a href="https://mastodon.online/tags/nhl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nhl</a> <a href="https://mastodon.online/tags/hockey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hockey</a> game between <a href="https://mastodon.online/tags/Montreal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Montreal</a> <a href="https://mastodon.online/tags/Canadiens" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Canadiens</a> and <a href="https://mastodon.online/tags/Philadelphia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Philadelphia</a> <a href="https://mastodon.online/tags/Flyers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Flyers</a>. It is my rolling <a href="https://mastodon.online/tags/metrics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#metrics</a> <a href="https://mastodon.online/tags/stats" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#stats</a> plot, but in comparison mode.In this case, solid line for <a href="https://mastodon.online/tags/MTL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MTL</a> and dashed line for <a href="https://mastodon.online/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a>. Click on legend 2 interact. Each pair of lines are grouped, so clicking on oZS% will show/hide that metric for both MTL and PHI. Rolling mean window is for previous 5 games.<a href="https://mastodon.online/tags/hnom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hnom</a> <a href="https://mastodon.online/tags/sports" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sports</a> <a href="https://mastodon.online/tags/analytics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#analytics</a> <a href="https://mastodon.online/tags/dataviz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dataviz</a> <a href="https://mastodon.online/tags/visualization" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#visualization</a><a href="https://sports.dionresearch.com/nhl/MTL/rolling_metrics_vs_PHI_2025-03-27.l.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://sports.dionresearch.com/nhl/MTL/rolling_metrics_vs_PHI_2025-03-27.l.html</a>

Nicklas Johnson 🏳️‍🌈If <a href="https://tech.lgbt/tags/Walmart" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Walmart</a> is dumping toxic waste and protected health information in landfills in <a href="https://tech.lgbt/tags/California" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#California</a>, you can be sure they're doing it in every other state as well. Everyone is paying for their "low prices."<a href="https://www.sfgate.com/bayarea/article/walmart-alleged-unlawful-dumping-california-19863436.php" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.sfgate.com/bayarea/article/walmart-alleged-unlawful-dumping-california-19863436.php</a><a href="https://tech.lgbt/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a> <a href="https://tech.lgbt/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a> <a href="https://tech.lgbt/tags/ToxicWaste" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ToxicWaste</a> <a href="https://tech.lgbt/tags/HazardousWaste" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HazardousWaste</a>

BeyondMachines :verified:Can Large Language Models (LLMs) truly reason? No. "We found no evidence of formal reasoning in language models including open-source models like <a href="https://infosec.exchange/tags/Llama" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Llama</a>, <a href="https://infosec.exchange/tags/Phi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phi</a>, <a href="https://infosec.exchange/tags/Gemma" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Gemma</a>, and <a href="https://infosec.exchange/tags/Mistral" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mistral</a> and leading closed models, including the recent <a href="https://infosec.exchange/tags/OpenAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenAI</a> <a href="https://infosec.exchange/tags/GPT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GPT</a>-4o and <a href="https://infosec.exchange/tags/o1" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#o1</a>-series. Their behavior is better explained by sophisticated pattern matching—so fragile, in fact, that changing names can alter results by ~10%! We can scale data, parameters, and compute—or use better training data for Phi-4, Llama-4, GPT-5. But we believe this will result in 'better pattern-matchers,' not necessarily 'better reasoners."Full paper <a href="https://arxiv.org/pdf/2410.05229" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arxiv.org/pdf/2410.05229</a>

Todd A. Jacobs | Pragmatic Cybersecurity<a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@briankrebs</a> The best way to prevent <a href="https://infosec.exchange/tags/dataexfiltration" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dataexfiltration</a> when breached is not to collect or store unnecessary data in the first place. That makes many of the current spate of <a href="https://infosec.exchange/tags/databreaches" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreaches</a> avoidable, self-inflicted incidents for which large companies are never held accountable in any truly meaningful way.You're spot on when you say that <a href="https://infosec.exchange/tags/databrokers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databrokers</a> rely on large <a href="https://infosec.exchange/tags/datalakes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#datalakes</a> of sensitive data they don't need directly. They also rely on large data sets where any typical datum may be harmless in itself, but often becomes sensitive or dangerous when aggregated, and often exponentially more so when connected to intrinsically sensitive data such as <a href="https://infosec.exchange/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PII</a>, <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a>, or identity.Setting aside the financial incentives and lack of accountability for the data brokers, how do <a href="https://infosec.exchange/tags/businessleaders" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#businessleaders</a>, <a href="https://infosec.exchange/tags/regulatoryagencies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#regulatoryagencies</a>, and <a href="https://infosec.exchange/tags/electedpoliticians" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#electedpoliticians</a> justify this state of affairs to you? It's not like the public and private sectors don't also have data they want to protect, so why allow this shadow industry to prosper? This seems even more mystifying when it's so clearly a double-edged sword even for the brokerages' paying customers!

Hanse MinaAfter <a href="https://mastodon.social/tags/Putin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Putin</a>’s full-scale invasion of <a href="https://mastodon.social/tags/Ukraine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ukraine</a> in February 2022 prompted western governments to unleash an avalanche of economic sanctions against Russian oligarchs, there are now multiple superyachts like <a href="https://mastodon.social/tags/Phi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phi</a> trapped in ports around the world. Several are stuck in seemingly never-ending legal quagmires, with vastly expensive lawyers hired by often opaque offshore owners battling for their release.<a href="https://www.ft.com/content/db20e533-7cf6-4cb9-bfd6-a6b6c8b36985" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.ft.com/content/db20e533-7cf6-4cb9-bfd6-a6b6c8b36985</a><a href="https://mastodon.social/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://mastodon.social/tags/EU" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EU</a> <a href="https://mastodon.social/tags/UK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UK</a> <a href="https://mastodon.social/tags/US" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#US</a>

doctorambientI know that if a person gives away their information to a non-medical website, then it's not technically <a href="https://mastodon.social/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a> anymore. But <a href="https://mastodon.social/tags/BetterHelp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BetterHelp</a> presented itself as complying with healthcare rules.They used language that made it sound like they were <a href="https://mastodon.social/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a> compliant.They specifically deceived me into giving them information that I wouldn't have if they had not presented themselves as being a healthcare organization. The penalty for this should be the complete dissolution of BetterHelp.

doctorambientI've been getting emails about an <a href="https://mastodon.social/tags/FTC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FTC</a> <a href="https://mastodon.social/tags/settlement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#settlement</a> with <a href="https://mastodon.social/tags/BetterHelp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BetterHelp</a>: "The FTC says that BetterHelp promised to keep users’ information private but revealed data to Facebook, Snapchat, Pinterest, and Criteo for advertising purposes. This data included email addresses, IP addresses, and **personal answers to health questions**."For sharing <a href="https://mastodon.social/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a>, apparently, they're going to send me a check for a few bucks!?! WTF?That's the only punishment?<a href="https://mastodon.social/tags/protectedhealthinformation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#protectedhealthinformation</a> <a href="https://mastodon.social/tags/hipaa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hipaa</a> <a href="https://mastodon.social/tags/hipaaviolation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hipaaviolation</a>

nietras 👾<a href="https://mastodon.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> dev blog now has similar content to my two blogs on <a href="https://mastodon.social/tags/Phi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phi</a>-3-mini in <a href="https://mastodon.social/tags/csharp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#csharp</a> <a href="https://mastodon.social/tags/dotnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dotnet</a> 👇 devblogs.microsoft.com/dotnet/using-p…

Kyle Leaders (Open To Work)With all the valid concern around <a href="https://fosstodon.org/tags/llm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#llm</a> and <a href="https://fosstodon.org/tags/genai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#genai</a> power and water usage, I thought I'd start a blog series on tiny LLMs. Let's see what they can do on real tasks on very power efficient hardware.<a href="https://kyle.works/blog/tiny-llm-reviews-intro/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://kyle.works/blog/tiny-llm-reviews-intro/</a><a href="https://fosstodon.org/tags/python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#python</a> <a href="https://fosstodon.org/tags/llama" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#llama</a> <a href="https://fosstodon.org/tags/qwen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#qwen</a> <a href="https://fosstodon.org/tags/phi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phi</a> <a href="https://fosstodon.org/tags/ChatGPT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ChatGPT</a> <a href="https://fosstodon.org/tags/RISCV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RISCV</a>

Rami Krispin :unverified:In case you are wondering, the new Microsoft mini LLM - phi3, can handle code generation, in this case, SQL.I compared the runtime (locally on CPU) with respect to codellama:7B using Ollama, and surprisingly the Phi3 runtime was significantly slower.<a href="https://mstdn.social/tags/llm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#llm</a> <a href="https://mstdn.social/tags/DataScience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataScience</a> <a href="https://mstdn.social/tags/python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#python</a> <a href="https://mstdn.social/tags/phi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phi</a> <a href="https://mstdn.social/tags/machinelearning" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#machinelearning</a> <a href="https://mstdn.social/tags/ollama" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ollama</a>

Preston von GabbleduckTell me your <a href="https://aus.social/tags/LLM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LLM</a> has been trained using cishet data, not vetted for diversity & inclusion, without telling me your LLM has been trained using cishet data & vetted for diversity & inclusion. <a href="https://aus.social/tags/Phi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phi</a> <a href="https://aus.social/tags/Phi2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phi2</a>

Dissent Doe :cupofcoffee:The Perry Johnson & Associates (PJ&A) breach that affected 1.2 million patients of Cook County Health in Illinois also affected millions of Northwell Health patients on Long Island,<a href="https://www.databreaches.net/pja-data-breach-also-affected-millions-of-northwell-health-patients/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.databreaches.net/pja-data-breach-also-affected-millions-of-northwell-health-patients/</a>PJ&A is a medical transcription service so lots of <a href="https://infosec.exchange/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PII</a> and <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a> appear to be involved in this one.The actual breach/exfil occurred months ago. So far, I've not found any attribution, any indication of any extortion/ransom demand, or any group claiming responsibility for this one. <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HealthSec</a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a> <a href="https://infosec.exchange/tags/BusinessAssociate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BusinessAssociate</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@BleepingComputer</a> <a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@campuscodi</a> <a href="https://ioc.exchange/@jgreig" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@jgreig</a> <a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@briankrebs</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://infosec.exchange/@euroinfosec" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@euroinfosec</a>

Dissent Doe :cupofcoffee:Exclusive: Advarra hacked, threat actors threatening to leak data:<a href="https://www.databreaches.net/exclusive-advarra-hacked-threat-actors-threatening-to-leak-data/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.databreaches.net/exclusive-advarra-hacked-threat-actors-threatening-to-leak-data/</a><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#transparency</a> This is an ugly incident also involving harassment... please consider not just reproducing any claims about named individuals without redacting names. <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@BleepingComputer</a> <a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@briankrebs</a> <a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@campuscodi</a> <a href="https://ioc.exchange/@jgreig" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@jgreig</a> <a href="https://infosec.exchange/@vxunderground" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@vxunderground</a>

deltatux :donor:The recent data breach of 23andMe affects over 7 million people and is a great reminder why you should never reuse passwords for multiple accounts. The company claims that a small user base were breached after a credential stuffing attack. When asked why breaching a small subset of users can affect over 7 million people, the company stated that in their preliminary investigation, it's likely the attackers were able to scrape additional people's data through their optional DNA Relatives feature that allows participants to find out other users they may be related to. Also a good reminder regarding how much data these companies have and how they can correlate genetic information where a small breach can affect so many. It's mind boggling how much health information these companies collect. <a href="https://therecord.media/scraping-incident-genetic-testing-site" rel="nofollow noopener noreferrer" target="_blank">https://therecord.media/scraping-incident-genetic-testing-site</a> <a href="https://infosec.town/tags/infosec" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.town/tags/cybersecurity" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.town/tags/databreach" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.town/tags/credentialstuffing" rel="nofollow noopener noreferrer" target="_blank">#credentialstuffing</a> <a href="https://infosec.town/tags/23andMe" rel="nofollow noopener noreferrer" target="_blank">#23andMe</a> <a href="https://infosec.town/tags/genetic" rel="nofollow noopener noreferrer" target="_blank">#genetic</a> <a href="https://infosec.town/tags/healthdata" rel="nofollow noopener noreferrer" target="_blank">#healthdata</a> <a href="https://infosec.town/tags/PHI" rel="nofollow noopener noreferrer" target="_blank">#PHI</a> <a href="https://infosec.town/tags/healthsec" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a>

Dissent Doe :cupofcoffee:An inexcusable gap from breach to notification, or an excusable one?<a href="https://www.databreaches.net/an-inexcusable-gap-from-breach-to-notification-or-an-excusable-one/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.databreaches.net/an-inexcusable-gap-from-breach-to-notification-or-an-excusable-one/</a>Repeat after me: "Date of discovery" does NOT mean the date you completed any investigation. It is the date on which you first knew or reasonably should have known that you had a breach of unsecured PHI. It is not a huge breach as breaches go, but Sightpath Medical's breach notification raises a lot of questions about compliance with HIPAA's Breach Notification Rule. I hope <a href="https://infosec.exchange/tags/HHSOCR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HHSOCR</a> investigates this one. <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a> <a href="https://infosec.exchange/tags/HITECH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HITECH</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/phi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phi</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#transparency</a> <a href="https://infosec.exchange/tags/notification" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#notification</a> <a href="https://infosec.exchange/tags/vendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vendor</a>

Dissent Doe :cupofcoffee:RiteAid was just one of many victims of the <a href="https://infosec.exchange/tags/MOVEit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MOVEit</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> by <a href="https://infosec.exchange/tags/Clop" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Clop</a>. Now they're being sued by plaintiffs who call them "reckless" and "negligent" for not having encrypted the protected health information.Imagine if every covered entity or business associate who didn't encrypt <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a> got hacked was sued over a vendor breach.In this day and age where healthcare entities are under siege, is it somewhat reckless or negligent not to encrypt? And if not, will it ever be generally considered reckless and negligent? <a href="https://www.databreaches.net/rite-aid-one-of-many-victims-in-moveit-breach-sued-for-negligence/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.databreaches.net/rite-aid-one-of-many-victims-in-moveit-breach-sued-for-negligence/</a><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HealthSec</a>

Sooraj Sathyanarayanan🔒Facing an increasing threat of cyberattacks, the healthcare industry must prioritize data protection, especially for SaaS applications. This article dives into strategies to secure <a href="https://mastodon.social/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a> and <a href="https://mastodon.social/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PII</a>, emphasizing the importance of <a href="https://mastodon.social/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a>-compliance add-ons, multi-layered security methods, and the role of SaaS Security Posture Management (SSPM) platforms. Essential reading for anyone in <a href="https://mastodon.social/tags/HealthcareIT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HealthcareIT</a>. Check it out -> <a href="https://thehackernews.com/2023/07/how-to-protect-patients-and-their.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://thehackernews.com/2023/07/how-to-protect-patients-and-their.html</a>

Dissent Doe :cupofcoffee:Anyone from <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> follow me or have a contact there? If so, please read this post:Pointed to a phishing campaign targeting the healthcare sector, Microsoft leaps into action to … not even investigate?!<a href="https://www.databreaches.net/pointed-to-a-phishing-campaign-targeting-the-healthcare-sector-microsoft-leaps-into-action-to-not-even-investigate/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.databreaches.net/pointed-to-a-phishing-campaign-targeting-the-healthcare-sector-microsoft-leaps-into-action-to-not-even-investigate/</a><a href="https://infosec.exchange/tags/Phish" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phish</a> <a href="https://infosec.exchange/tags/scampages" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#scampages</a> <a href="https://infosec.exchange/tags/Rx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Rx</a> <a href="https://infosec.exchange/tags/prescriptions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#prescriptions</a> <a href="https://infosec.exchange/tags/healthinsurance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthinsurance</a> <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a> <a href="https://infosec.exchange/tags/dataprotection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dataprotection</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a>

Dissent Doe :cupofcoffee:Scoop: Employee and patient files from Montgomery General Hospital leaked by ransomware groupThis was an attack by D#nutLeaks on a West Virginia hospital. There was some negotiations about payment that did not result in any deal, as chat logs provided to DataBreaches revealed. <a href="https://www.databreaches.net/employee-and-patient-files-from-montgomery-general-hospital-leaked-by-ransomware-group/" rel="nofollow noopener noreferrer" target="_blank">https://www.databreaches.net/employee-and-patient-files-from-montgomery-general-hospital-leaked-by-ransomware-group/</a><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a> Infosec <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a> <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a> <a href="https://infosec.exchange/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PII</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@campuscodi</a> <a href="https://ioc.exchange/@allan" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@allan</a> <a href="https://ioc.exchange/@jgreig" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@jgreig</a> <a href="https://infosec.exchange/@aj_vicens" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@aj_vicens</a> <a href="https://infosec.exchange/@lawrenceabrams" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@lawrenceabrams</a>

Dissent Doe :cupofcoffee:Nine months after Atlantic Dialysis Management Services discovered a ransomware attack, they are notifying patients and regulators. <a href="https://www.databreaches.net/nine-months-after-ransomware-attack-atlantic-dialysis-management-services-notifies-patients-and-regulators/" rel="nofollow noopener noreferrer" target="_blank">https://www.databreaches.net/nine-months-after-ransomware-attack-atlantic-dialysis-management-services-notifies-patients-and-regulators/</a>)<a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a> <a href="https://infosec.exchange/tags/HITECH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HITECH</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/Transparency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Transparency</a> <a href="https://infosec.exchange/tags/Disclosure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Disclosure</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHI</a> <a href="https://infosec.exchange/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PII</a> <a href="https://infosec.exchange/tags/Healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Healthsec</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@BleepingComputer</a> <a href="https://ioc.exchange/@allan" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@allan</a> <a href="https://infosec.exchange/@vxunderground" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@vxunderground</a>

Recent searches

Search options

Administered by:

Server stats:

#phi