Industry News: ESG5

    Know Your Breach: HMG Healthcare

    The Target: HMG Healthcare is headquartered in The Woodlands, Texas, and provides a range of services, including memory care, rehabilitation and assisted living. HMG’s website says it employs more than 4,100 people and serves approximately 3,500 patients, generating more than $150 million in annual revenues.

    The Take: HMG said the stolen information “likely contained” personal information, including names, dates of birth, contact information, Social Security numbers and records related to employment; as well as medical records, general health information and information regarding medical treatment, according to the notice.

    The Vector: In a notice published on its website, HMG chief executive Derek Prince confirmed that hackers in August accessed a server storing “unencrypted files” containing sensitive information belonging to patients, employees, and their dependents. HMG said it learned of the breach months later in November.

    As phishing actors continue to explore every potential abuse opportunity on legitimate service providers, novel security gaps constantly threaten to expose users to severe risks. It is essential not to rely solely on email protection solutions, but also to scrutinize every email that lands in your inbox, look for inconsistencies, and double-check all claims made in those messages.

    Canada Will Use Letter Grades To Assess Companies' Cyber Resilience

    2024-01-11

    BNN Bloomberg: The Canadian government is joining forces with the cybersecurity ratings firm SecurityScorecard Inc. to bolster defenses for the country’s critical infrastructure.

    Cybersecurity Funding Dropped 40% in 2023: Analysis

    2024-01-09

    SecurityWeek: Pinpoint’s 2023 annual cybersecurity funding report shows that there were a total of 437 funding and M&A transactions last year, including 346 funding rounds and 91 M&A deals. 

    SEC Account Hack Renews Spotlight on X's Security Concerns

    2024-01-09

    US News: The hack of the U.S. Securities and Exchange Commission's official account on X renewed concerns about the social media platform's security since its takeover by billionaire Elon Musk in 2022.

    AI Advances Risk Facilitating Cyber Crime, Top US Officials Say

    2024-01-09

    Yahoo News: Advances in artificial intelligence may facilitate hacking, scamming and money laundering by reducing the technical know-how required to carry out such crimes, top U.S. law enforcement and intelligence officials said.

    AI Set To Drive VCs To Cybersecurity Investments

    2024-01-08

    Mint: Venture capital investors are scaling their cyber security investments on the back of advancements in artificial intelligence (AI) and rising instances of data security breaches.  

    SentinelOne Acquires Peak XV-Backed PingSafe For Over $100 Million

    2024-01-08

    TechCrunch: SentinelOne’s deal to acquire PingSafe values the Peak XV-backed young startup at over $100 million, two sources familiar with the matter told TechCrunch, in one of the strongest and fastest exits emerging from India.

    How SEC Action Could Shake Up Cybersecurity

    2024-01-08

    Forbes: Remember when the cyberattack on SolarWinds broke through the coverage of Covid-19 and dominated headlines? That was around three years ago, and the story lingered for a while as a kind of cautionary tale.

    Know Your Breach: Orrick, Herrington & Sutcliffe

    The Target: Orrick, Herrington & Sutcliffe, a popular San Francisco-based international law firm.

    The Take: The stolen data encompassed a vast array of information, including names, dates of birth, addresses, email addresses, and government-issued identification numbers like Social Security, passport, driver’s license, and tax identification numbers.

    The Vector: The intrusion into Orrick’s network compromised a file share, revealing personal information and sensitive health data of victims.

    This breach is a stark reminder of how important authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.

    NZ Firm Pushes for ‘Complete Ban’ on Paying Cyber Ransoms

    2024-01-04

    The Post: A New Zealand cyber-security firm that has the ear of many media organisations around the world has called for a complete ban on paying off ransomware attackers, arguing it is the only way to get on top of the crime.

    About Castle Hall Diligence

    Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long-only portfolios.
