Tag: managed security services

Data breach

Be Careful with Legacy Systems

The popular travel site Orbitz recently announced that a hacker may have stolen the private information of up to 880,000 of their customers over the course of two years. While data breaches at major organizations like this are nothing new (and have become far too common in recent years), the method through which this attack was carried out should give all organizations a moment of pause and lead to some serious internal analysis. What Happened? In a statement released to the press, Orbitz singled out an old “legacy travel booking platform,” as the source of the breach. A legacy platform is a common term for any system or software still employed at an organization despite the fact it is likely

Read More »
healthcare breaches

Healthcare Breaches: The Newest Round of HIPAA Fines

A new HIPAA fine has been released, and it’s significant. Federal regulators have issued one of the largest HIPAA settlements ever in favor of 521 impacted individuals over Massachusetts-based healthcare organization Fresenius Medical Care (FMCNA). Cited specifically for a lack of risk analysis, FMNCA now ranks among one of the costliest HIPAA penalties issued, paying out $3.5 million to affected individuals. Fresenius first reported the breach on January 21, 2013. Data exposed included patient names, addresses, dates of birth, telephone numbers, insurance information and even some social security numbers. FMNCA committed an all too common theme among HIPAA violations, failure to conduct a thorough risk analysis of potential risks and vulnerabilities to the confidentiality, integrity, and availability of all its

Read More »