Digital startup PostMeds Inc., operating as TruePill, is an online pharmacy service based in California. The company allows patients to compare copay pricing, get status notifications on pill orders, and request refills. However, all this may change soon; at the end of October, TruePill endured a severe data breach, landing them in hot water with patients and courts.
Adversaries are becoming more sophisticated and faster with their attacks. According to the CrowdStrike 2023 Threat Hunting Report, the average eCrime breakout time is just 79 minutes. This is partly due to adversaries taking advantage of tools that leverage automation like password-cracking tools, exploit kits for web browser vulnerabilities, and marketplaces that sell stolen data.
Perry Johnson & Associates (PJ&A) is a medical transcription service assisting providers like Cook County Health and Northwell Health. In mid-October, Chicago’s Cook County Health announced a data breach from PJ&A with a limited impact figure. However, the Department of Health and Human Services (DHS) has confirmed a more significant number than PJ&A initially determined.
Breaches were rampant this week, impacting as many as 15 million individuals. The State of Maine announced that it bled 1.3 million resident records due to the global MOVEit vulnerability. Meanwhile, in Ohio, the City of Huber Heights was targeted by a ransomware attack; potentially, 50,000 residents may have their data exposed. In Michigan, the McLaren Health Care network was allegedly attacked by the ransomware gang BlackCat—losing 2.2 million records to exposure.
Stanford Health Care Alliance encompasses children’s hospitals, care plans, medicine partners, scholars, and the Stanford University faculty. The breach allegedly includes information from Stanford Health Care, Stanford Tri-Valley, Stanford Medicine Partners, Lucile Packard Children’s Hospital, and Packard Children’s Health Alliance.
In the high-stakes world of cybersecurity, one of the most daunting challenges faced by CISOs is the task of persuading their organization to invest in security capability. But in an age of worker shortages, cost-cutting measures, and a surge in third-party cyber risk at the enterprise level, CISOs need to get this message across urgently.
Get ready to witness a game-changing moment in the world of cybersecurity and passwords! An impressive coalition of over 90 nonprofit organizations, including Consumer Reports and the Better Business Bureau, just dropped a brand-new directive protecting your accounts and devices called “The Common Guidance on Passwords.” This announcement sets the stage for the grand inauguration of “World More Than a Password Day,” which was on November 10, 2023.
DevSecOps is a modern approach to software development that implements security as a shared responsibility throughout application development, deployment, and operations. As an extension of DevOps principles, DevSecOps helps your organization integrate security testing throughout the software development life cycle. In this blog, we discuss DevSecOps best practices and practical steps to producing secure software.
Identity verification is a foundational aspect of both personal and business transactions in today’s digital age. Whether you’re an individual seeking to access online services or a business aiming to establish trust with your customers, the right identification solution is essential.
