In Brief A hospital that continued to admit patients during a ransomware attack has been sued over claims that a baby died after doctors and nurses failed to spot there was a problem due to networks being shut down.
Nicko Silar died after six months in intensive care after being born at Springhill Memorial Hospital with the umbilical cord wrapped around her neck, documents filed in the Alabama Circuit Court state [PDF]. The suit alleges that, because the hospital had shut down key networks, staff were reduced to using paper records, internal staff messaging services were down, and fetal monitoring devices were severely affected.
Nicko’s mother, Teiranni Kidd, was never told that the hospital was having computer problems, the suit claims, and would not have used the facility if she had known.
According to screenshots of texts sent that are admitted as evidence in the suit, the attending obstetrician that day, Katelyn Parnell, told the nurse manager of the birth: “I need u to help me understand why I was not notified,” the Wall Street Journal reported. According to another screenshot submitted in the suit, she also reportedly told a colleague: “It just sucks. Totally preventable. I know bad things happen and sometimes you can’t control it, but this was preventable.”
The hospital’s CEO told the Journal that he had to keep the hospital admitting patients because they needed treatment and the hospital’s doctors had deemed it safe to carry on operations.
Google pushes out four flaw fixes – two already being exploited
For those that don’t do it automatically it’s time to patch Chrome on Windows, Mac and Linux, after the Chocolate Factory moved to its 94.0.4606.71 browser build.
Of most concern are CVE-2021-37975 and CVE-2021-37976, both of which are being used by exploits Google has spotted in the wild. The former is an anonymously reported high-level use-after-free flaw in Chrome’s V8 JavaScript engine, and the latter is an information leak in core classified as a medium threat. Full details are in the advisory issued on Thursday.
The bundle also includes CVE-2021-37974, a high-level use after free flaw in Chrome’s Safe Browsing mode which earned its reporter, Weipeng Jiang of the Codesafe Team of Legendsec at Qi’anxin Technology Group, a $20,000 bounty. The final patch covers “Various fixes from internal audits, fuzzing and other initiatives,” Google said, which could cover a whole host of sins.
Coinbase admits 6,000 customers were robbed
Between March and May 20, 2021 around 6,000 Coinbase users had funds siphoned from their accounts by thieves, according to an incident report [PDF] filed in California.
“In this incident, for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account,” it said in a letter to customers, first reported by The Record.
The attackers had already stolen the user account names, passwords and control of the victim’s inbox, Coinbase said, adding that it has “not found any evidence” that the crucial information came from its servers. Instead, it has suggested a targeted phishing attack was used.
Some customers have already been reimbursed, Coinbase said, adding that anyone who lost funds would get their money back. Whether they’ll stay with the service after that may be a different matter.
Neiman Marcus not so fancy at security
High end US department store chain Neiman Marcus has admitted that 4.6 million customers had their credit card details and personal information stolen and the theft lay undiscovered for over a year.
The attack occurred in May 2020 (but wasn’t discovered until September 2021, and the thieves managed to get payment card numbers and expiration dates (but not CVV numbers), gift card details, and personal information including the usernames, passwords, and security question responses from customers. It has contacted the millions of affected people.
“3.1 million payment and virtual gift cards were affected, more than 85 per cent of which are expired or invalid,” the company said, although it did not add how many were viable in May 2020. Security investigators at Mandiant are looking into the attack. ®