Alex Evans reports: Unauthorized access of HIPAA-protected information by county employee, largely flies under the radar. Six-months after the Douglas County Department of Health and Human Services determined an employee had accessed protected personal and health information without authorization, a notice appeared on the county’s website. That notice can be found here. Fox21 reports some…
Ascension cyberattack exposed personal data of 5.6 million people
Sarah Volpenhein reports: Nearly 5.6 million people were affected in the ransomware attack that hit Ascension in May, the national health system now says. Until now, the health system had not publicly disclosed the total number of people affected by the May ransomware attack that compromised patient data and ultimately caused major disruptions to patient…
Illinois Department of Human Services phishing attack affected more than 1.1M public assistance clients
Their substitute notice, as published on Effingham Radio: Springfield, IL-(Effingham Radio)- Pursuant to the requirements of the Illinois Personal Information Protection Act (PIPA), 815 ILCS 530/12, the Illinois Department of Human Services (IDHS) is notifying the media of an incident within IDHS State of Illinois email accounts: On April 25, 2024, IDHS experienced a privacy breach….
US Court Finds NSO Liable For Hacking Of WhatsApp Using Pegasus Malware
Gursimran Kaur Bakshi reports: In a summary judgment, Judge Phyllis Hamilton of the US District Court in Oakland, Northern District of California has found Israeli-mercenary’s surveillance firm NSO Group Technologies (also known as Q Cyber Technologies) liable for the hacking of Meta’s Whatsapp through its state-of-the-art military-grade malware Pegasus. The Court has found that NSO violated the Computer Fraud…
No need to hack when it’s leaking: Rapido edition
Jagmeet Singh reports: Rapido, a popular ride-hailing platform in India, has fixed a security issue that exposed personal information associated with its users and drivers, TechCrunch has exclusively learned. The flaw, discovered by security researcher Renganathan P, was related to a website form meant to collect feedback from Rapido auto-rickshaw users and drivers. The form…
FTC Finalizes Order with Marriott and Starwood Requiring Them to Implement a Robust Data Security Program to Address Security Failures
The Federal Trade Commission finalized an order requiring Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC to implement a comprehensive information security program to settle charges that the companies failed to implement reasonable data security, which led to three large data breaches affecting more than 344 million customers worldwide. In a complaint first…