Perry Johnson Associates data breach entangles Michigan politician. The breach is the second-largest healthcare data breach of 2023 and the 6th largest ever.
Eight Tips to Save Your Battery
Here are eight tips you can use to extend your smartphones battery life and keep your phone charged all day and say goodbye to midday charging!
Earth Day: Eco & Wallet-Friendly Phone Choices
This Earth Day, extend your eco-conscious efforts to your next cell phone purchase. Consider giving a refurbished device a new lease on life!
Artificial Intelligence – Impact on Passwords
Discover artificial intelligence impact on cybersecurity, password protection, and data safety strategies in our latest blog post.
Data Breach Ensnares Michigan Politician
Hardly a day goes by that another company announces a data breach. In 2023, 353 million people had their personal info stolen. One reason for this many data breaches is the rise in healthcare data breaches. Since 2020, the healthcare sector has recorded the most data breaches. Healthcare is digitizing and storing lots of sensitive data. This sensitive data is a desirable target for hackers. Attackers can re-use the stolen information. They can use it to run more attacks. These include ransomware, SPAM emails, phishing, vishing, and bogus websites.
One example of why breaches in the healthcare sector are increasing is Perry Johnson and Associates (PJ&A). PJ&A is a health care consulting and medical transcription firm. It is largest private provider of transcription services in the United States. They have offices in Troy MI at the world headquarters of Perry Johnson Inc. Perry Johnson, of Bloomfield Hills MI, heads the firm. His claim to fame is as a “quality guru.”
Politics
Johnson has a dubious political track-record. He spent more than $20 million of his own money to get elected. He ran for governor of Michigan, as a Republican in 2022. But, before the Republican primary, they removed him from the ballot. This was due to fraudulent and invalid petition signatures. Johnson later started a campaign to become the 2024 Republican candidate for president. He abandoned that effort in October 2023.
A data breach controversy has also ensnared Johnson. PJ&A suffered a data breach in March 2023. The PJ&A data breach is the second-largest healthcare data breach of 2023 and the 6th largest ever. The cyberattack exposed the medical and other personal data of at least 14 million people in the U.S. according to The HIPAA Journal, an online publication that covers the Health Insurance Portability and Accountability Act.
What Happened
PJ&A found unauthorized activity in its IT systems on May 2, 2023. It hired third-party cybersecurity experts to investigate the incident. The experts were assigned to find the attack’s nature and scope. They were to see if the attackers took sensitive data.
The investigation confirmed unauthorized network access. The unauthorized access occurred from March 27, 2023, to May 2, 2023. During this time, attackers got data from its clients. PJ&A told its clients about the cyberattack on July 21, 2023. In the following days, they confirmed unauthorized access to data.
Data compromised in data breach
Investigators completed the PJ&A data breach investigation on September 28, 2023. PJ&A said the information accessed by the unauthorized party included:
- Name,
- Address,
- Date of birth,
- Medical record number,
- Hospital account number,
- Admission diagnosis,
- Date/time of service,
- Social Security number,
- Insurance information,
- Medical and clinical information including:
- Laboratory and diagnostic testing results,
- Medications,
- The name of the treatment facility, and
- Healthcare provider name.
Who does the data breach impact?
Health care providers that have reported data breaches related to Perry Johnson & Associates:
- Concentra (NY) 01/09/2024, almost 4 million records.
- North Kansas City Hospital (MO) 01/05/2024, over 500,000 records.
- Cook County Health (IL) 1.2 million individuals.
- Northwell Health (NY) 3,891,565 individuals.
- Mercy Medical Center (IA) 97,132 patients.
rb-
In recent years, the healthcare industry has become a prime target for cyberattacks. Data breaches are a big threat to patient privacy and institutional integrity. The Perry Johnson & Associates incident shows the vulnerabilities in healthcare systems.
The repercussions of such a breach are far-reaching. This exposure could lead to identity theft and financial fraud. It affects individuals and reveals their personal and medical information.
For patients, the incident is a wake-up call. They need to guard their personal data. They must also watch their digital footprint. Consumers can take actions to protect against data misuse. These include placing a credit freeze. You can also take these additional steps:
- Place a credit freeze, which would prevent thieves from opening a new account in their name,
- Put a fraud alert on their credit report so lenders can take extra steps to verify your identity before issuing credit,
- Obtain copies of their medical records and review them for any errors,
- Contest unrecognized medical billing, and
- Inform your insurance company.
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Eight Tips to Save Your Battery
Our lives center on smartphones today. But, even the newest device is useless if its battery dies often. The majority of modern smartphone devices use Lithium-ion (LI-ion) batteries to keep them running. Lithium-ion batteries are the high-end of the rechargeable battery industry. They are smaller in size, require low maintenance and are environmentally safer than older batteries. Here are some tips to extend your battery life. Follow these expert tips from Credo to keep your phone charged all day.
What is a Lithium-ion battery
Lithium-on batteries in mobile phones consist of an anode (typically made of graphite), a cathode (often composed of lithium cobalt oxide), a separator, an electrolyte, and two current collectors (positive and negative). They operate by transferring lithium ions from the anode to the cathode during discharge. This transfer creates free electrons in the anode which generate a charge at the positive current. This electrical current then powers the device.
When the battery is charged, the process is reversed, with the lithium ions moving from the cathode back to the anode. This allows the cycle to start again when the device is used.
How save your mobile phone battery
Charge Smart, Charge Often – Don’t wait for your battery to die. Today’s batteries like frequent top-ups. So, charge your phone often. Aim to keep it above 50% for best results.
Unplug at Full Charge – Once your battery hits 100%, unplug it. Trickle charging cuts its lifespan. Avoid smothering your phone under pillows or books.
Turn Off WiFi and Bluetooth – Switch off these features when not in use. This saves power. If you’re out and about running errands all day, the phone is going to attach any AP it can find. This increases the power drain. So, switching WiFi off will extend your charge and the overall life of your battery.
Identify the Culprits – Check which apps use the most power. You can delete them or adjust settings to save power. Credo reports that the four most power-hungry features are: camera, location, microphone and WiFi connection. When all those functions are running in the background, they’re burning up a lot of your charge. Cloud storage provider PCloud found the top 10 battery hogs to be:
Dim the Screen – Lower the screen brightness slightly to save your phone’s energy.
- On your iPhone, go to Settings > Accessibility > Display & Text Size > Turn off auto-brightness. Then, adjust the brightness bar until you’ve reached your desired level of brightness.
- On your Android device, tap Settings > Display > Tap the slider next to Adaptive brightness and switch it to the off position. Then, adjust the brightness bar until you’ve reached your desired level of brightness
Dark Mode Magic – Use dark mode for a stylish look and better battery life. It consumes less energy.
- On your iPhone, go to Settings > Display & Brightness. Select Dark to turn on Dark Mode.
- On your Android device, open Settings, tap Display, then toggle on Dark.
Upgrade Wisely – If your phone always needs charging, consider a new one with a better battery.
Rb-
Master these techniques to say goodbye to midday charging! Now, enjoy uninterrupted digital adventures!
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
How to Fight Misinformation on Social Media
Social media manipulation is on the rise as we approach the 2024 U.S. elections. Election time makes the battle against misinformation more crucial than ever. Social media platforms not only serve as conduits for information but also as breeding grounds for fake news. Here are some steps you can take to combat misinformation in today’s digital landscape. This guide offers suggestions to analyze social media content to discern its authenticity and how to report fake news on social media platforms.
Analyzing social media content for misinformation
Source Evaluation – Assess the credibility of the source by considering its reputation, expertise, and potential biases. Rely on official sources and reputable news organizations for accurate information. Ask yourself:
- Have I heard of the publisher before?
- Is this the source I think it is, or does it sound a bit like them?
Cross-Referencing – Verify the information across multiple sources to ensure its validity. Consistency among credible sources strengthens the reliability of the information. Check to see who else is writing about the claim.
- Has this been reported anywhere else?
Fact-Checking websites – Utilize fact-checking websites to verify the accuracy of the information presented in the post. I use:
- Snopes is one of the oldest and largest fact-checking sites online.
- FactCheck.org is an award-winning, fact-checking team at the Washington Post.
- PolitiFact is part of the nonprofit Poynter Institute and is focused on politics.
Check for Consistency – Look for coherence in the information presented across different sources. Inconsistencies may indicate false or misleading information. Ask yourself;
- Is there more than one piece of evidence for this claim?
Critical Thinking – Engage in critical thinking and scrutinize the content of the post. Analyze the language, tone, and context for potential signs of misinformation or manipulation.
- Can I point to where this happened on a map?
- Could this be something else?
Reporting misinformation on social media platforms – Most social media platforms have a way for users to flag content. Here is the way to report fake news on Facebook, LinkedIn, Google, YouTube and Microsoft.
Reporting misinformation on Facebook
1. To report misinformation on Facebook, click on the three dots (…) in the top right corner of the post.
2. Then select “Find support or report post.”
3. Choose the appropriate reason for reporting, such as “It’s false news.”
4. Facebook will reply.
To report misinformation on LinkedIn, the “professional networking” site from Microsoft, do the following.
1. Click on the three dots (…) in the top right corner of the post.
2. Select “Report post.”
3 – Another window appears. Select “Misinformation” (or other reasons as necessary).
Finally, the Submit page will appear.
5 – (Optional) Check the “Receive updates on this report” box, if want LinkedIn to inform you of any action they took.
6- Click the “Submit report” button to send your misinformation report to LinkedIn.
Reporting a website to Google will block it from loading in Google Chrome, Mozilla Firefox, Opera, and other browsers according to wikiHOW. It will also remove the site from Google search, and it will block emails that contain the site’s URL from arriving in Gmail. Reporting will also prevent the website from being linked to other Google products, such as reviews on Google Maps, or on YouTube and Blogger. To report a site to Google, follow these steps:
If you are using Chrome, scroll to the bottom of your search results. To start reporting misinformation to Google, Click on Quick Setting. The process is not the same on Firefox or Edge. The “Settings” side window appears.
1 – Select “Send feedback.”
The feedback window will pop up.
2- Type your feedback to Google in the text box.
3 – (Optional) – Click on “Provide Screenshot” to send a screen capture of the misinformation link.
4- Press “Submit” to complete
Google will acknowledge your report.
Alternately, If you need to report a phishing site to Google, go to Send a Report to Google.
To report misinformation that is represented as an ad on Google, go to their Report an ad or shopping listing site.
How to report misinformation on YouTube
Step-by-step instructions for reporting inappropriate YouTube content.
The Report Video pop-up appears.
3. Click “Misinformation”
4. Click Submit
The Report Video pop-up appears.
5- Provide a time when the misinformation appears in the video.
6 – (Optional) Provide additional details.
7- Submit
YouTube will acknowledge your report.
9 – Click “Close” to be done.
Microsoft
Reporting a website to Microsoft will block it in Internet Explorer and Microsoft Edge. According to WikiHow, reporting misinformation here it will remove links to the site in Bing, Yahoo search, and other search engines that use Bing as a back-end. It will also block emails containing the link in Outlook.com. To report a website to Microsoft, go to the Microsoft SmartScreen report page.
1 – Type the URL into the “Which site do you want to report box”.
2 – Specify which threat you found on the site. If the site is a phishing site, then select that button. For all other malicious sites, select the “Malware or other threats” button.
3 – Specify what language the site is in.
4 – Complete the CAPTCHA.
5 – Click Submit.
Microsoft will acknowledge your report.
While you review sites, remember that some sites may be scams that need to be reported to prevent unsuspecting web users from becoming victims. If you encounter a website that has get-rich-quick claims or sells items at prices that are just too good to be true, you should notify the FBI. The FBI takes reports of online scams at the Internet Crime Complaint Center.
Rb-
The fight against fake news demands a proactive approach. By applying critical analysis of the content and utilizing platform reporting mechanisms, you can contribute to fostering a digital environment where truth and integrity prevail. Together, let’s combat misinformation and uphold the standards of credible information dissemination.
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Earth Day: Eco & Wallet-Friendly Phone Choices
Happy Earth Day! Today, we celebrate our planet and recommit to protecting its precious resources. But have you ever considered the environmental cost of the device you’re likely using to read this post? Our beloved cell phones, while undeniably convenient, have a hidden ecological impact.
A Phone’s Not-So-Green Journey
The biggest culprit? Cell phone production. Mining the rare earth elements that make up your phone’s components can lead to deforestation, water pollution, and air contamination. Manufacturing is energy-intensive, and transportation adds to the phone’s carbon footprint. Thus,cell phones contribute significantly to environmental degradation.
Another problem is electronic waste. We generate over 50 million tons a year and only about 17 percent of e-waste is recycled. The rest is dumped in landfills. Landfills overflowing with toxic chemicals from discarded phones pose a serious health risk. In the landfill they leech heavy metals and other toxins into the ground, the groundwater, and often into nearby crops.
How to be part of the solution this earth day
Here’s one way to help. Next time you’re buying a new electronic device, buy refurbished. Refurbished electronics have come a long way. These days, they’re virtually the same as new. They’re reliable, affordable, and available direct from manufacturers like Apple, Samsung, Bose, and Microsoft. They should work like new and have plenty of life left in them.
Refurbished phones are pre-owned devices that have been professionally inspected, repaired, and restored to full functionality. They offer a treasure trove of benefits, both for your wallet and the environment. In a properly refurbished device, tired batteries and damaged parts have been replaced. They should work like new and they should have a lot of life left in them.
Unlike most used devices, refurbished devices from reputable sellers often come with a warranty, sometimes for up to a year. If you find a seller that does not offer a warranty, look elsewhere.
Why buy a refurbished phone
Here are some reasons to consider a refurbished phone on Earth Day (and every day!):
- Reduced E-Waste: Every year, millions of discarded phones end up in landfills, leaching harmful toxins and creating a growing environmental problem. Buying refurbished keeps these devices in circulation and reduces the need for new phone production, which requires significant energy and raw materials.
- Eco-Friendly Materials: By choosing refurbished, you forgo the environmental impact of mining new materials to create a brand new phone. While some refurbished phones may come with new cases, you’re still significantly reducing your footprint.
- Budget-Friendly Savings: Refurbished phones are significantly cheaper than their brand new counterparts, often at a fraction of the cost. This allows you to access high-tech features without breaking the bank.
- Quality You Can Trust: Reputable refurbished phone sellers thoroughly test and clean their devices. Many even come with warranty protections, so you can be confident you’re getting a quality product.
Manufacturer Refurbished Programs
Many electronics manufacturers offer certified preowned programs. They sell refurbished mobile phones devices with a manufacturer’s warranty. Most manufacturers inspect them, repair them with original parts, replace the batteries, and then test them. They do a thorough job of wiping all data from previous owners and return devices to a fresh state.
- Apple’s refurbished site offers Macs, iPads, iPhones, Apple Watches, AirPods and more.
- Google’s refurbished site offers all Google products.
- Samsung’s refurbished site sells only Galaxy phones, no other Samsung devices or electronics.
This Earth Day you can also get refurbished tech toys.
- Microsoft’s refurbished site offers Surface devices and Xbox gaming consoles.
- You can also find refurbished audio equipment. Bose, Sonos, and JBL have sites selling refurbished headphones, earbuds, and soundbars.
Trustworthy Retailers
Major electronics retailers often have dedicated sections to certified refurbished phones. The downside of retail sites is that the refurbishment probably has been done by a third party. The upside is that these sites have a wide variety of devices to choose from, all in one place.
eBay Refurbished has Apple, Samsung, Bose, Acer, Dell, HP, Sony, and much more. All devices are refurbished, functional and come with a 1-year or 2-year warranty. You can choose from various conditions and pay more or less, depending on how “new” you want your device to look. All devices can be returned for free within a 30-day window.
Newegg, an online electronics retailer, has a large site dedicated to refurbished products, ranging from desktops to servers to laptops to phones.
CREDO Mobile has refurbished Apple, Google and Samsung phones on sale.
Most big-box retailers like Walmart and Target have a site selling refurbished electronics. The warranties they offer are often not as extensive as those provided by manufacturers, or they may not offer warranties at all, so proceed with caution.
And then there is Amazon
I do not recommend Amazon, especially on Earth Day. Amazon’s net impact on the Earth is immense and largely negative. Amazon generated 71.54 million metric tons of carbon dioxide equivalent last year, about as much pollution as 180 gas-fired power plants might pump out annually. Also, in 2021, Amazon generated enough plastic waste to cover the planet in 800 layers. In 2022 Amazon’s plastic packaging waste in US was up 9.6% to 208 million pounds. The increases happened as insiders say Amazon would have “no problem” switching to plastic-free packaging but lacks the will.
However, Amazon is a convenient option. You probably already have an account there. Amazon Renewed has an Amazon-size selection of refurbished stuff, much of it electronics. All of it is inspected, tested and comes with a 90-day warranty.
Independent Sellers
There are many online marketplaces where reputable sellers offer refurbished phones. Before making a purchase, be sure to check seller reviews and warranty information.
rb-
This Earth Day, why not extend your eco-conscious efforts to your next tech purchase? Consider giving a refurbished phone a new lease on life!
Artificial Intelligence – Impact on Passwords
Artificial intelligence (AI) is revolutionizing our lives. Brookings, says it is transforming every walk of life, including cybersecurity. In this blog post, we will explore how emerging AI technologies affect password protection. We also discuss strategies to enhance the security of our personal and professional data.
AI adds additional complexity to the security landscape. ISC2 found that 75% of cybersecurity professionals reported that artificial intelligence is already being used to launch cyberattacks and other malicious criminal acts. The threats include advanced password-cracking techniques like brute-force attacks and social engineering. Furthermore, AI-generated phishing attacks can deceive users into revealing sensitive information. Here are some strategies to bolster your defense mechanisms and protect your digital assets.
Enhanced Security Measures for Passwords
Let’s take a pragmatic look at some advanced security protocols:
Adapting CAPTCHA
CAPTCHA was originally designed in 2000 at Carnegie Mellon, to distinguish humans from bots. It is evolving to stay effective amidst developing threats. The efficacy of traditional puzzles is diminishing as bots become more sophisticated. Google has revised the original CAPTCHA to reCAPTCHA.
Traditional CAPTCHAs face vulnerabilities including accessibility issues, automation bypass, user frustration, and limited effectiveness. Google’s reCAPTCHA addresses these by employing advanced risk analysis, adaptive challenges, and improved accessibility features. It also supports integration with Google services, enhancing security against automated attacks while ensuring a smoother user experience.
Multi-Factor Authentication (MFA) Adoption
You can fight artificial intelligence based attacks by implementing MFA and 2FA. These mechanisms offer an additional layer of protection beyond passwords. They require users to provide multiple forms of authentication such as biometrics or security tokens. This extra layer of verification significantly reduces the risk of unauthorized access, even if one factor is compromised. While effective, the implementation of MFA requires careful consideration of usability and security trade-offs.
Single Sign-On (SSO) Solutions
Another way to fight artificial intelligence is to implement a single sign-on (SSO) user authentication solution. SSO’s enable seamless access to multiple applications using a single set of credentials. While convenient, SSO implementations must be carefully configured to balance ease of use with security considerations. SSOs require careful configuration and monitoring. Single sign-on solutions pose risks like a single point of failure. If an SSO is compromised, access to multiple systems is jeopardized
Passwordless Authentication to fight Artificial Intelligence hacks
Here are some alternative authentication methods:
One-Time Passwords (OTP)
A one-time password (OTP) can be a defense against artificial intelligence based attacks. OTP is an automatically generated string of characters that authenticates a user for a single transaction or login session. OTPs offer temporary authentication codes delivered via email, text, or authenticator apps. While effective, the reliance on external communication channels introduces potential vulnerabilities.
Magic Links
Sites set up with magic links are another way to fight artificial intelligence threats. Magic links ask users for an email address, not a password. Then the application generates a link with an embedded token and sends it via email. The user then opens the email, clicks the link, and is granted access to the given app or service. Magic links provide an alternative to traditional username/password authentication by leveraging email verification.
While user-friendly, this method may introduce security risks associated with email interception. They are weak because email accounts remain prime targets for phishing and credential-stuffing attacks. An attacker who gains access to a victim’s email account can fraudulently use magic links to access other applications.
Biometric Authentication
Biometric solutions, such as fingerprint or facial recognition, offer convenient and secure authentication. However, the reliance on hardware and platform compatibility may limit widespread adoption.
Biometric authentication relies on specialized hardware like fingerprint scanners or facial recognition sensors, leading to dependency on device compatibility and reliability. Ensuring consistent performance across various platforms and mitigating vulnerabilities in hardware are essential to maintain security and user trust.
Navigating the Transition
While the transition to passwordless authentication holds promise, it presents practical challenges and considerations:
Technological Investment
Adopting advanced authentication methods requires investment in new technologies and infrastructure. Organizations must weigh the benefits of enhanced security against the costs of implementation and maintenance.
User Acceptance
User acceptance plays a crucial role in the adoption of passwordless authentication methods. Organizations must prioritize user experience and provide adequate support and education to facilitate the transition.
Regulatory Compliance
Compliance with industry regulations and standards, especially in Europe, may influence the adoption of passwordless authentication methods. Organizations must ensure alignment with regulatory requirements while enhancing security measures.
rb-
In conclusion, the battle against artificial intelligence based cybersecurity threats is already here. Some steps can taken to fight these challenges. Many of the new protections require changes to the business as usual. By carefully evaluating the benefits and considerations of alternative authentication methods, organizations can navigate this transition effectively and safeguard their digital assets in an increasingly complex threat landscape.
Related article
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.