Industry News: ESG5

The Target: HMG Healthcare is headquartered in The Woodlands, Texas, and provides a range of services, including memory care, rehabilitation and assisted living. HMG’s website says it employs more than 4,100 people and serves approximately 3,500 patients, generating more than $150 million in annual revenues.

The Take: HMG said the stolen information “likely contained” personal information, including names, dates of birth, contact information, Social Security numbers and records related to employment; as well as medical records, general health information and information regarding medical treatment, according to the notice.

The Vector: In a notice published on its website, HMG chief executive Derek Prince confirmed that hackers in August accessed a server storing “unencrypted files” containing sensitive information belonging to patients, employees, and their dependents. HMG said it learned of the breach months later in November.

As phishing actors continue to explore every potential abuse opportunity on legitimate service providers, novel security gaps constantly threaten to expose users to severe risks. It is essential not to rely solely on email protection solutions, and also scrutinize every email that lands on your inbox, look for inconsistencies, and double-check all claims made in those messages.

Read more...

The Target: Orrick, Herrington & Sutcliffe, a popular San Francisco-based international law firm.

The Take: The stolen data encompassed a vast array of information, including names, dates of birth, addresses, email addresses, and government-issued identification numbers like Social Security, passport, driver’s license, and tax identification numbers.

The Vector: The intrusion into Orrick’s network compromised a file share, revealing personal information and sensitive health data of victims.

This breach is a stark reminder of how authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.

Read more...