Paulina Okunytė reports: After allegedly paying nearly $400,000 for a ransom in May, AT&T is reaching for its wallet again. This time, it’s to settle a cloud breach investigation led by the FCC. In a press release on September 17th, 2024, the Federal Communications Commission (FCC) announced a $13 million settlement with AT&T to resolve…
Category: Subcontractor
UK: Data on nearly 1 million NHS patients leaked online following Qilin ransomware attack on London hospitals
Alexander Martin reports: People with symptoms of sensitive medical conditions, including cancer and sexually transmitted infections, are among almost a million individuals who had their personal information published online following a ransomware attack that disrupted NHS hospitals in London earlier this year, according to an analysis shared with Recorded Future News. The examination by CaseMatrix, a company…
Everything old is new again? MCNA Dental allegedly suffers second big data breach of PHI
The Everest Ransomware Team has a new post on their leak site: Company has the last 24 hours to contact us using the instructions left.In case of silence, all data will be published More than 1 million personal EMR’s + different internal company documents But was this a new incident or were they just trying…
Business Associate Agreements Matter: Demystifying the Perceived Simplicity of HIPAA Agreements
Shalyn Watkins of Holland & Knight writes: For most healthcare providers and businesses, signing a Business Associate Agreement (BAA) is a standard practice. When contracting to provide services with an entity governed by the Health Insurance Portability and Accountability Act (HIPAA), it is a requirement that the entity enter into a business associate contract, also…
From the “I Wouldn’t Hold My Breath Department”
We understand why courts issue such injunctions and rulings, but still… PA News Agency reports: Hackers responsible for a cyber attack that led to more than 10,000 NHS appointments being cancelled have been ordered by a High Court judge to “unmask” themselves and return or delete stolen data. Pathology services provider Synnovis was targeted by…
Surgery Center of Mid Florida notifies patients of February ransomware attack
On or about February 21, Surgery Center of Mid Florida (“SCOMF”) experienced a ransomware attack. No group has publicly claimed responsibility for the attack, but it originated with an attack on their now-former IT vendor. The attack on the unnamed vendor gave the attackers access to SCOMF. In August, SCOMF notified regulators, explaining, in part:…