AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 6/10/2024

Nearly 400,000 affected by data breach at eye care management services company

Nearly 400,000 people had sensitive healthcare information stolen by hackers during a 2023 cyberattack on a company that supports eye clinics. Colorado-based Panorama Eyecare told regulators in Maine and Massachusetts that 377,911 current and former patients and employees had data stolen — including names, Social Security numbers, dates of birth, license numbers, financial account information, dates of service and medical provider names. 

 

Microsoft Will Switch Off Recall by Default After Security Backlash

When Microsoft named its new Windows feature Recall, the company intended the word to refer to a kind of perfect, AI-enabled memory for your device. Today, the other, unintended definition of “recall”—a company’s admission that a product is too dangerous or defective to be left on the market in its current form—seems more appropriate. On Friday, Microsoft announced that it would be making multiple dramatic changes to its rollout of its Recall feature, making it an opt-in feature in the Copilot+ compatible versions of Windows where it had previously been turned on by default, and introducing new security measures designed to better keep data encrypted and require authentication to access Recall’s stored data.

 

Frontier warns 750,000 of a data breach after extortion threats

Frontier Communications is warning 750,000 customers that their information was exposed in a data breach after an April cyberattack claimed by the RansomHub ransomware operation. Frontier is a leading U.S. communications provider that provides gigabit Internet speeds over a fiber-optic network to millions of consumers and businesses across 25 states. The telecommunications provider says it suffered a cyberattack in mid-April 2024, allowing hackers to access customers’ personal information stored on its systems.

 

FCC takes some action against notorious BGP

US broadband providers will soon have to provide proof to Uncle Sam that they are taking steps to prevent Border Gateway Protocol (BGP) hijacking and locking down internet routing in general. The FCC has unanimously approved a notice of proposed rulemaking that will require internet service providers to prepare, and annually update, a confidential BGP security risk management plan. Presumably they have to stick to their plan.

 

Google avoids jury trial by sending $2.3 million check to US government

Google has achieved its goal of avoiding a jury trial in one antitrust case after sending a $2.3 million check to the US Department of Justice. Google will face a bench trial, a trial conducted by a judge without a jury, after a ruling today that the preemptive check is big enough to cover any damages that might have been awarded by a jury. “I am satisfied that the cashier’s check satisfies any damages claim,” US District Judge Leonie Brinkema said after a hearing in the Eastern District of Virginia on Friday, according to Bloomberg. “A fair reading of the expert reports does not support” a higher amount, Brinkema said.

Related Posts