BOSTON/WASHINGTON (Reuters) – A cyber attack at a firm that performs background checks for U.S. government employees compromised data of at least 25,000 workers, including some undercover investigators, and that number could rise, agency officials said on Friday.
The breach at Falls Church, Virginia-based US Investigations Services (USIS) exposed highly personal information of workers at the Department of Homeland Security’s headquarters as well as its U.S. Immigration and Customs Enforcement and U.S. Customs and Border Protection units, two officials familiar with the investigation into the breach told Reuters.
BOSTON (Reuters) – A cyber attack at a company that performs background checks for the U.S. Department of Homeland Security compromised data of at least 25,000 government workers, and that number could rise, an agency official said on Friday.
The official told Reuters that DHS plans to notify approximately 25,000 employees that they may be “impacted” by the computer breach at Falls Church, Virginia-based US Investigations Services (USIS) over the coming days.
BOSTON/NEW YORK (Reuters) – Fraudsters are targeting JPMorgan Chase & Co customers in an email “phishing” campaign that is unusual because it attempts to collect credentials for that bank and also infect PCs with a virus for stealing passwords from other institutions.
The campaign, dubbed “Smash and Grab,” was launched on Tuesday with a widely distributed email that urged recipients to click to view a secure message from JPMorgan, according to security researchers with corporate email provider Proofpoint Inc.
BOSTON (Reuters) – The FBI has warned that healthcare industry companies are being targeted by hackers, publicizing the issue following an attack on U.S. hospital group Community Health Systems Inc that resulted in the theft of millions of patient records.
“The FBI has observed malicious actors targeting healthcare related systems, perhaps for the purpose of obtaining Protected Healthcare Information (PHI) and/or Personally Identifiable Information (PII),” the agency said in a “Flash” alert obtained by Reuters on Wednesday.
By Jim Finkle and Supriya Kurane
(Reuters) – Hackers who stole the personal data of about 4.5 million patients of hospital group Community Health Systems Inc broke into the company’s computer system by exploiting the “Heartbleed” internet bug, making it the first known large-scale cyber attack using the flaw, according to a security expert.
The hackers, taking advantage of the pernicious vulnerability that surfaced in April, got into the system by using the Heartbleed bug in equipment made by Juniper Networks Inc, David Kennedy, chief executive of TrustedSec LLC, told Reuters on Wednesday.
BOSTON, Aug 19 (Reuters) – The U.S. Nuclear Regulatory
Commission was “successfully hacked” three times in recent years
in attacks involving tainted emails, according to an internal
investigation on cyber attacks at the agency, Nextgov.com
reported on Tuesday.
At least two of the attacks originated overseas, according
to the report obtained by Nextgov, a rare public report with
details of a cyber attack on the energy sector.
Mandiant says APT-18 behind hospital breach and possibly state backed. Crowdstrike calls same group Dynamite Panda and says tied to govt.
(Reuters) – Community Health Systems Inc (CYH.N: Quote, Profile, Research, Stock Buzz), one of the biggest U.S. hospital groups, said on Monday it was the victim of a cyber attack from China, resulting in the theft of Social Security numbers and other personal data belonging to 4.5 million patients.
That would make the attack the largest of its type involving patient information since a U.S. Department of Health and Human Services website started tracking such breaches in 2009. The previous record, an attack on a Montana Department of Public Health server, was disclosed in June and affected about 1 million people.