Correspondent, Boston
Jim's Feed
Aug 23, 2014
Aug 23, 2014

U.S. undercover investigators among those exposed in data breach

BOSTON/WASHINGTON (Reuters) – A cyber attack at a firm that performs background checks for U.S. government employees compromised data of at least 25,000 workers, including some undercover investigators, and that number could rise, agency officials said on Friday.

The breach at Falls Church, Virginia-based US Investigations Services (USIS) exposed highly personal information of workers at the Department of Homeland Security’s headquarters as well as its U.S. Immigration and Customs Enforcement and U.S. Customs and Border Protection units, two officials familiar with the investigation into the breach told Reuters.

Aug 22, 2014

Breach at U.S. government contractor affected at least 25,000 workers

BOSTON (Reuters) – A cyber attack at a company that performs background checks for the U.S. Department of Homeland Security compromised data of at least 25,000 government workers, and that number could rise, an agency official said on Friday.

The official told Reuters that DHS plans to notify approximately 25,000 employees that they may be “impacted” by the computer breach at Falls Church, Virginia-based US Investigations Services (USIS) over the coming days.

Aug 21, 2014

JPMorgan customers targeted in email phishing campaign

BOSTON/NEW YORK (Reuters) – Fraudsters are targeting JPMorgan Chase & Co customers in an email “phishing” campaign that is unusual because it attempts to collect credentials for that bank and also infect PCs with a virus for stealing passwords from other institutions.

The campaign, dubbed “Smash and Grab,” was launched on Tuesday with a widely distributed email that urged recipients to click to view a secure message from JPMorgan, according to security researchers with corporate email provider Proofpoint Inc.

Aug 20, 2014

FBI warns healthcare firms they are targeted by hackers

BOSTON (Reuters) – The FBI has warned that healthcare industry companies are being targeted by hackers, publicizing the issue following an attack on U.S. hospital group Community Health Systems Inc that resulted in the theft of millions of patient records.

“The FBI has observed malicious actors targeting healthcare related systems, perhaps for the purpose of obtaining Protected Healthcare Information (PHI) and/or Personally Identifiable Information (PII),” the agency said in a “Flash” alert obtained by Reuters on Wednesday.

Aug 20, 2014

U.S. hospital breach biggest yet to exploit Heartbleed bug: expert

By Jim Finkle and Supriya Kurane

(Reuters) – Hackers who stole the personal data of about 4.5 million patients of hospital group Community Health Systems Inc broke into the company’s computer system by exploiting the “Heartbleed” internet bug, making it the first known large-scale cyber attack using the flaw, according to a security expert.

The hackers, taking advantage of the pernicious vulnerability that surfaced in April, got into the system by using the Heartbleed bug in equipment made by Juniper Networks Inc, David Kennedy, chief executive of TrustedSec LLC, told Reuters on Wednesday.

Aug 19, 2014

U.S. government’s nuclear watchdog victim of cyber attacks -report

BOSTON, Aug 19 (Reuters) – The U.S. Nuclear Regulatory
Commission was “successfully hacked” three times in recent years
in attacks involving tainted emails, according to an internal
investigation on cyber attacks at the agency, Nextgov.com
reported on Tuesday.

At least two of the attacks originated overseas, according
to the report obtained by Nextgov, a rare public report with
details of a cyber attack on the energy sector.

Aug 18, 2014
Aug 18, 2014

Community Health says data stolen in cyber attack from China

By Jim Finkle and Caroline Humer

(Reuters) – Community Health Systems Inc (CYH.N: Quote, Profile, Research, Stock Buzz), one of the biggest U.S. hospital groups, said on Monday it was the victim of a cyber attack from China, resulting in the theft of Social Security numbers and other personal data belonging to 4.5 million patients.

That would make the attack the largest of its type involving patient information since a U.S. Department of Health and Human Services website started tracking such breaches in 2009. The previous record, an attack on a Montana Department of Public Health server, was disclosed in June and affected about 1 million people.

Aug 18, 2014
    • About Jim

      "Jim works in the Reuters Boston bureau covering cyber security, hacking and technology privacy issues. He’s been with Reuters since 2005. He previously covered technology, media and biotechnology for Broadcasting & Cable, the Orange County Register and Bloomberg News out Tokyo, Taipei, San Francisco, Los Angeles and Santa Ana, California."
      Joined Reuters:
      2005
      Languages:
      English, Mandarin
    • More from Jim

    • Contact Jim

    • Follow Jim