Lua Joins App Configuration for Enterprise (ACE) Program
The secure mobile messaging platform provider Lua has announced it has joined the App Configuration for Enterprise (ACE) program. The ACE program was recently launched to create a standard approach to configuring and securing apps in the enterprise. ACE has developed an operating framework incorporating APIs from operating system platforms such as Android and Apple iOS. By using the framework, developers can create new, secure apps with minimal effort. Lua has joined founding members Cisco, Salesforce, Workday, Box, Xamarin, and AirWatch in the program. The Lua platform has also been made available on the AirWatch Marketplace. The new ACE integration allows all organizations running the EMM solution to easily administer Lua as a managed application. “As a member of ACE we are able to offer customers mobile messaging in a secure, easy-to-manage EMM environment,” said Brian Feller, Vice President of Corporate Development at Lua. “Executives across all industries are concerned with security and amplifying their employees’ productivity. Secure mobile messaging is the cornerstone of a...
HIPAA Breach for Handbags: Manhattan DA Indicts 8 in ID Theft Ring
Yesterday, the Manhattan District Attorney’s Office issued a press release announcing the indictment of 8 individuals involved in an ID Theft Ring. A former Montefiore Medical Center employee was named as the provider of the Protected Health Information (PHI) which enabled the thieves to obtain gift cards and store cards and run up tens of thousands of dollars of debt. Monique Walker, 32, was employed as an assistant clerk at Montefiore Medical Center, and was provided with access to patient records in order to complete her work duties. However, Walker allegedly started printing off pages of HIPAA-protected patient records to sell to a third party, Fernando Salazar, 28. The records contained patient names, addresses, dates of birth, health insurance information, next of kin contacts and Social Security numbers. The information was used by thieves to forge identities to obtain goods and gift cards from high-end stores. The offenses are alleged to have taken place between 2012 and 2013. Walker was paid $3 for each printed copy of the records, and during her time at the hospital she...
Akorn Database for the Highest Bidder: Hacker Holds Pharma Data Auction
A Lake Forest, IL, pharmaceutical company has discovered its cybersecurity defenses were not as impregnable as thought. A hacker has managed to infiltrate the customer database of Akorn Inc., and has stolen over 50,000 records. Those records have been offered online to the highest bidder or will be given back to Akorn if the price is right. In spite of outward appearances, the attack does not appear to be financially motivated; instead, the hacker has claimed that the cyberattack was staged to “teach them a lesson in security.” Hacker Claims Responsibility for the Attack Earlier this week a known hacker, operating under the name “Mufasa,” made an offer via the dark web to sell the data appropriated in the Akorn cyberattack. Along with that offer was a selection of the data confirming the authenticity of the offer. The hacker is the same person who claimed responsibility for the huge iiNet ISP data breach in Australia earlier this month. The hacker is known for using SQL Injection to exploit security vulnerabilities, and according to Salted Hash, the same technique was used to gain...
L.A. Medical Center Employee Causes 4,859-Record HIPAA Breach
A 4-year HIPAA data breach has been reported by The University of California Irvine Medical Center after the healthcare provider discovered an employee had accessed nearly 5,000 patient records without authorization. Shocking Discovery Could Prove Expensive News of the discovery of a data breach is enough to bring out a cold sweat in many a CISO; news that the breach has been allowed to persist for 4 years unchecked is certain to cause sleepless nights. The length of time a breach is allowed to persist has major implications for the cost of remediation. Credit and identity theft protection may need to be extended to two years or more and breach fines could be considerable. The Department of Health and Human Services’ Office for Civil Rights can levy a fine of up to $1.5 million per violation category discovered. That figure is then multiplied by the number of years the violation was allowed to persist. Healthcare providers can implement a number of security measures to stop employees snooping on records and stealing customer data, but the risk is impossible to eliminate. The...
MDL Established for Anthem Data Breach Class Action Lawsuits
In February of this year, the largest ever healthcare data breach was reported. Anthem Inc., one of the nation’s largest healthcare insurers, was targeted by hackers using a phishing campaign and were able to break through security defenses and steal approximately 78.8 million member records. The data breach launched a myriad of class-action lawsuits with breach victims seeking punitive damages for the exposure of their private and confidential information. The sheer number of cases threatens to swamp District Courts over the coming months. There are more than 100 class-actions pending in the state of California alone. Single MDL for 17 Anthem Class-Action Lawsuits This week the U.S. Judicial Panel on Multidistrict Litigation arrived at a decision to consolidate many of these class actions into one, and now 17 separate actions will be grouped together into a single Multi-District Litigation. It is probable that this number will grow substantially with such a high volume of suits still pending. After each case was assessed individually the panel of seven decided to transfer the...



