MedEvolve, a practice management software vendor, exposed the data of 205,000 patients due to a misconfigured FTP server. The server allowed anonymous login, did not require login credentials, and failed to display a banner warning users to keep out of patient files. Out of the exposed database, two clients – Premier Urgent Care and Beverly Held, MD – were left without password protection. The database contained over 11,000 records with Social Security numbers. The issue has been resolved and the company is working to prevent recurrence and protect patient data.
FBI erases China-sponsored malware from thousands of U.S. computers
The FBI has deleted malware from over 4,000 computers across the US, which was under the control of China state-sponsored hacker group, Mustang Panda. Active
