10Fold – Security Never Sleeps – 55

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Cancer treatment provider 21st Century Oncology Holdings has warned 2.2 million patients and employees that their sensitive data may have been stolen in a cyberattack. Home Depot Inc agreed to pay at least $19.5 million to compensate U.S. consumers harmed by a 2014 data breach affecting more than 50 million cardholders. According to the first-ever Dell Data Security Survey, nearly three in four (73%) of decision-makers are somewhat to very concerned about malware and advanced persistent threats (APTs)—despite the fact that most have anti-malware solutions in place. Guests who recently lodged at Rosen Hotels & Resorts properties in theme-park destination Orlando, Fla. must hope their data hasn’t been taken for a wild ride, after the hospitality company announced its properties have suffered a long-undiscovered payment card data breach.

Cancer Clinc Warns 2.2 Million Patients of Data Breach – Publication: ZDnet – Reporter name: Charlie Oborne

Cancer treatment provider 21st Century Oncology Holdings has warned 2.2 million patients and employees that their sensitive data may have been stolen in a cyberattack. The breach was revealed on March 4, but the Florida-based cancer clinic chain was informed of the cyberattack and information theft on November 13, 2015, by the FBI. The data breach may impact up to 2.2 million patients and physicians.


Home Depot Settles Consumer Lawsuit Over Big 2014 Data Breach – Publication: Reuters – Reporter name: Jonathan Stempel

Home Depot Inc agreed to pay at least $19.5 million to compensate U.S. consumers harmed by a 2014 data breach affecting more than 50 million cardholders. The home improvement retailer will set up a $13 million fund to reimburse shoppers for out-of-pocket losses, and spend at least $6.5 million to fund 1-1/2 years of cardholder identity protection services. Home Depot has said the breach affected people who used payment cards on its self-checkout terminals in U.S. and Canadian stores between April and September 2014.


Dell: Cloud, Mobility and Malware Keep Execs Up At Night – Publication: InfoSecurity – Reporter name:Tara Seals

According to the first-ever Dell Data Security Survey, nearly three in four (73%) of decision-makers are somewhat to very concerned about malware and advanced persistent threats (APTs)—despite the fact that most have anti-malware solutions in place. In fact, only about 20% of respondents said they are “very confident” in their ability to protect against sophisticated malware attacks. The report uncovered a clear trend of employers feeling that they have to limit mobility in order to protect data. The majority of respondents from mid-market companies (65%) said they are holding back plans to make their workforce more mobile, for security reasons.


Extended Stay: Data-Stealing Malware Hides On Rosen Hotels’ Payment Card Network For Over A Year – Publication: SC Magazine – Reporter name: Bradley Barth

Guests who recently lodged at Rosen Hotels & Resorts properties in theme-park destination Orlando, Fla. must hope their data hasn’t been taken for a wild ride, after the hospitality company announced its properties have suffered a long-undiscovered payment card data breach. Rosen confirmed that an investigation of its payment card network turned up malware capable of reading cards’ magnetic stripe data as it is routed through affected systems. Rosen did not indicate how many guests were likely affected; however the malware resided on its systems for well over a year, from Sept. 2, 2014 to Feb. 18, 2016. The company was finally alerted to the presence of malware in early February after receiving unconfirmed reports of fraudulent charges involving past guests.