Yazılar

FBI Investigating Cyberattack at Oracle Involving Patient Data Theft

/in /tarafından

The FBI is currently investigating a cyberattack at Oracle that resulted in the theft of patient data, according to a Bloomberg News report. The attack, which occurred after January 22, compromised Oracle’s servers, where hackers copied patient data to an external location. The breach is believed to have been an attempt to extort multiple medical providers in the United States.

Oracle, which acquired Cerner Corp. in 2022 for $28 billion, notified its healthcare customers about the breach earlier this month. However, it remains unclear how many patient records were affected and which healthcare providers were targeted. The breach involved older Cerner servers, where data had not yet been transferred to Oracle’s cloud storage.

While the FBI has declined to comment, Oracle confirmed it became aware of the breach on February 20. Oracle has not yet responded to further inquiries. The company’s involvement in healthcare IT through its Cerner acquisition has likely increased its exposure to cybersecurity risks in the healthcare sector.

Baidu Denies Data Breach Amid Controversy Over Executive’s Daughter

/in /tarafından

Baidu, one of China’s largest search and cloud service providers, has denied allegations of an internal data breach after the teenage daughter of a senior executive was accused of posting personal information online. The controversy erupted when social media users alleged that the daughter of Baidu vice president Xie Guangjun had leaked private details, including phone numbers, during an online dispute.

In response, Baidu stated that neither employees nor executives have access to user data and that the leaked information originated from illegally obtained databases hosted on foreign platforms. The company also announced that it had filed a police report to counter misinformation, including claims that Xie’s daughter had access to Baidu’s databases.

Xie, a member of Baidu’s cloud division, apologized for his daughter’s actions, asserting that she had acquired the data from overseas social media sites. His statement, reported by Chinese media, was shared on his personal WeChat account.

The incident comes as China tightens data security laws to curb the sale of private information, an issue exacerbated by illicit data brokers. The controversy has impacted Baidu’s stock performance, with shares dropping over 4% in Hong Kong trading on Thursday morning.

Australia Regulator Sues FIIG Securities for Cybersecurity Failures

/in /tarafından

The Australian Securities and Investments Commission (ASIC) announced on Thursday that it is suing FIIG Securities, a fixed-income broker, accusing the company of failing to implement proper cybersecurity measures over a four-year period. These alleged failures allowed a hacker to infiltrate FIIG’s IT network, resulting in the theft of approximately 385 gigabytes of confidential data.

The breach, which occurred between May 19 and June 8, 2023, affected 18,000 clients, who were notified that their personal information may have been compromised. Some of the stolen client data was later found on the dark web.

ASIC’s lawsuit claims that from March 2019 to June 2023, FIIG failed to take necessary steps to ensure the security of its digital infrastructure. The regulator stated that the company lacked adequate cyber risk management systems, which directly contributed to the attack.

“Advancing digital safety and resilience is a strategic priority for ASIC, and we have been actively engaging with companies to support the continuous improvement of cyber and operational resilience practices,” said ASIC Chair Joe Longo.

During the period when the cybersecurity issues occurred, JPMorgan held assets for FIIG and its clients, ranging in value from A$2.89 billion ($1.83 billion) to A$3.7 billion. However, JPMorgan declined to comment on the matter when contacted by Reuters, and FIIG did not respond to requests for comment.

According to ASIC, the deficiencies alleged include FIIG’s failure to adequately update and patch its software, as well as its insufficient resources to protect against and prevent cyberattacks.