Shaun Wooler reports:
A computer geek with alleged
links to global hacking group Anonymous has stolen patient data from an NHS
appointment booking system.
The crook breached a private
contractor’s security to access a database containing confidential records on
up to 1.2million people.
SwiftQueue is paid by eight NHS trusts to manage a website, through which patients
can book appointments with a GP, hospital or clinic.
They also operate terminals
within waiting rooms, where patients can check-in upon arrival.
Read more on The
Sun.
[From the
article:
The source said the hack exploited weaknesses in
SwiftQueue’s software, which should have
been patched several years ago.
They claim to have downloaded the company’s entire
database, containing 11million records, including passwords.
… The company said they do not hold patients’
medical records and passwords are encrypted.
A proper response! Notice that the investigation is being
directed by lawyers.
From their web site, the following breach
notification. According to their report to HHS, 266,123 patients were notified.
Notice of Data Breach
At Pacific Alliance Medical Center (PAMC), we understand
that the confidentiality and security of medical and personal information is
critically important, and we are committed to protecting it. The purpose of this post is to notify patients
and employees of a recent cyber incident that affected PAMC and may have
resulted in a compromise of certain electronic files containing medical or
personal information.
What Happened
On June 14, 2017, PAMC became aware that certain of its
networked computer systems were being affected by a cyber incident. PAMC suspects that the incident began on or
shortly before that date. Shortly after
becoming aware of the issue, PAMC’s Information Technology Department completed
a preliminary assessment and determined that certain networked computer systems
had been infected by a computer virus that was encrypting (making unreadable)
certain files on PAMC’s computer network. PAMC promptly shut down its networked computer
systems, initiated its incident response and recovery procedures, notified the
Federal Bureau of Investigation, and began a forensic investigation under the direction of its counsel. Since then, PAMC has decrypted (made readable
again) the affected files and has taken action to restore the affected systems
and prevent similar incidents from occurring.
Keeping up with the hackers or correcting omissions?
Delaware Adds More Stringent Data Breach Notice Requirements
… Companies will
be required to tell state residents affected by a data breach within 60 days
and notify the state attorney general if a breach affects more than 500
residents.
… Medical and biometric data is included in the
list of protected personal data for the first time in Delaware.
The new law also requires
companies to provide a year of free credit monitoring services to any Delaware
resident whose Social Security number is compromised in a breach.
Big Data Analytics.
It’s easier to remove a million watermarks than to remove just one.
Google shows how easy it is for software to remove watermarks
from photos
Google’s research division today detailed just how easy it
is for computer algorithms to bypass standard photo watermarking practices,
stripping those images of copyright protection and making them vulnerable to
reposting across the internet without credit. The research, presented at a leading computer vision conference in
Hawaii back in July, is described in detail in a paper titled, “On
the Effectiveness of Visible Watermarks.”
… Dekel and
Rubinstein say the core problem with current photo watermarking processes is
the high level of consistency in style. “We show that this consistency can be used to
invert the watermarking process — that is, estimate the watermark image and its
opacity, and recover the original, watermark-free image underneath,” the duo
explain. “This can all be done
automatically, without any user intervention or prior information about the
watermark, and by only observing watermarked image collections publicly available
online.”
It is possible to get technology right. (Second only to McDonald’s, see the chart.) Funny how often that requires other,
non-technical changes.
Starbucks Teaches Silicon Valley a Lesson in Tech
There were plenty of reasons for skepticism when Starbucks
rolled out its digital ordering system nationally in September 2015. EBay had already rolled out a location-based
system that recognized customers as they walked in the door. Consumers were not particularly impressed;
eBay eventually spun off its PayPal unit. Apple Pay, meanwhile, was launched in 2014 as
a faster, more secure method of payment. Merchants weren’t enthused. Many never activated the feature.
But Starbucks was still betting that its customers would
jump at the chance to preorder coffee and food for pickup at a nearby store.
Sure enough, the company’s mobile order-and-pay feature
has become a major hit, one more example of Starbucks’—and coffee’s—universal
appeal. The preorders have actually
created bottlenecks at Starbucks’ counters, as pickups collide with in-store
orders. The company is rethinking store layouts and hiring preorder
specialists to handle the demand.
(Related).
Americans
Love Ordering Pizza on Facebook
The cutthroat U.S. restaurant industry is getting
increasingly aggressive about technology, enlisting Facebook Inc. and Amazon.com Inc. in their race to
make it easier for customers to order and pay for their food.
Last month, TGI Fridays began letting customers foot the
bill using their Amazon accounts. And
pizza chains are locked in an escalating battle to adopt new ordering methods
-- a contest that involves chat bots, voice-activated devices and social
networks.
Papa John’s International Inc. went so far as to declare
itself an “e-commerce company” this month after delivering surprisingly strong
results.
… Customers,
especially millennials, are no longer content to call up a pizza place and
dictate an order over their phone. And
they don’t want to wait in line at the Starbucks register.
At some point, they should hire someone who knows how to
run a bank.
Wells Fargo troubles shift from phony bank accounts to real
ones
After paying customers millions of dollars for opening
phony accounts they did not want, Wells Fargo & Co has said it is now
grappling with the possibility it harmed customers by closing real accounts
they needed, leaving them without access to funds.
… Some of the
complaints described fraudulent deposits of unknown origin. Others said they were victims of identity
theft and Wells Fargo closed their accounts and refused to reopen them or open
new ones. One customer said the bank
closed an account after a hacker changed personal information, and then Wells
Fargo improperly sent funds to the wrong address.
The complaints had consistent themes of confusion about
why accounts were frozen or closed, and reflected desperation over being unable
to access money, as well as frustration over not getting help from Wells
Fargo's customer service.
… Well Fargo's
major competitors did not report similar issues or regulatory probes in their
quarterly filings.
(Related). Anticipating a huge decline in stock
price? That should get someone’s
attention.
Wells Fargo & Target of Unusually Large Options Trading
(WFC)
Wells Fargo & Company was the recipient of some
unusual options trading activity on Thursday. Traders acquired 27,464 put options on the
stock. This is an increase of approximately 155% compared to the average
daily volume of 10,758 put options.
Perspective. Has
the pendulum swung too far?
Tech Censorship of White Supremacists Draws Criticism From
Within Industry
The debate intensified over whether the growing number of
tech companies that blocked white supremacists and a neo-Nazi website on the
internet have gone too far, as a prominent privacy group questioned the power a
few corporations have to censor.
Sometimes, advertisers can use current events creatively.
No comments:
Post a Comment