[ISN] Chicago-area doctors’ group announces data breach

http://www.chicagotribune.com/news/local/breaking/chi-chicagoarea-doctors-group-announces-data-breach-20140404,0,5815884.story By Mitch Smith Tribune reporter April 5, 2014 Surgical information for more than 1,200 patients may have been compromised in February when an unknown person accessed a doctor’s Gmail account, a Chicago-area physicians’ group announced Friday. Midwest Orthopaedics at Rush said in a news release that names and dates of birth for 1,256 patients could have been accessed, along with descriptions, dates and instructions for their surgeries. All those patients were notified by letter this week, Midwest Orthopaedics at Rush said, and the group has received no reports that the information has been misused. The breach, which was discovered around Feb. 10, did not expose patients’ financial information, the group said. “We take this situation very seriously and apologize that this incident occurred,” Dennis Viellieu, the group’s CEO, said in the news release. “Maintaining the integrity of confidential patient information is of utmost importance to us.” […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Security flaws could give hackers control of power plants and oil rigs

http://www.itproportal.com/2014/04/04/security-flaws-could-give-hackers-control-of-power-plants-and-oil-rigs/ By Alex Hamilton IT Pro Portal 04 Apr 2014 Power plants, oil rigs and refineries could be at risk from hackers, new research shows, as there are vital bugs in their software that could allow an outsider to gain remote access. Around the world about 7,600 plants are using the vulnerable software that could allow an attacker with the “lowest skill in hacking” to exploit them. The software, named Centum CS 3000, was first released to run on Windows 98 and is used to monitor and control the heavy machinery in many of the globe’s large industrial installations. “We went from zero to total compromise,” Juan Vasquez, from security firm Rapid7, told the BBC. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] 5-year-old hacks Xbox, now he’s a Microsoft ‘security researcher’

http://www.computerworld.com/s/article/9247465/5_year_old_hacks_Xbox_now_he_s_a_Microsoft_39_security_researcher_39_ By Zach Miners IDG News Service April 4, 2014 A 5-year-old San Diego boy has been commended by Microsoft for his security skills after finding a vulnerability in the company’s Xbox games console. Kristoffer Von Hasssel’s parents noticed earlier this year that he was logged into his father’s Xbox Live account and playing games he was not supposed to. He hadn’t stolen his father’s password. Instead, he stumbled upon a very basic vulnerability that Microsoft is said to have now fixed. After typing an incorrect password, Kristoffer was taken to a password verification screen. There, he simply tapped the space bar a few times, hit “enter” and was let into his father’s account. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail