Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with PIH Health, Inc. (PIH), a California health care network, over potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The violations stem from a phishing attack that exposed unsecured electronic protected health…
Year: 2025
High court upholds damages in ICBC privacy breach that resulted in shootings, arson
Long-time readers may recall a truly frightening insider breach at the Insurance Corporation of British Columbia (ICBC) that resulted in cases of arson and people being shot at. The breach was first disclosed in 2011. An employee had reportedly accessed personal information on 65 people. We would later learn that Candy Elaine Rheaume had accessed…
County auditor ordered to pay $80k after cyberattack
Employees screw up frequently. They fall for phishing attacks, or click on links they shouldn’t click on. And in some cases, funds get wired to fraudulent accounts. But how often have you read about an employee having to replace stolen funds? WKBN in Ohio reports: A Trumbull County judge has ordered County Auditor Martha Yoder…
Blue Shield of California shared the health data of 4.7 million people with Google for years
Jonathan Greig reports: The sensitive healthcare information of millions in the U.S. has been leaked through data breaches that multiple insurance companies, clinics, hospitals and more reported recently. The largest involves Blue Shield of California, which informed the U.S. Department of Health and Human Services (HHS) of an incident impacting 4.7 million people. In breach notification…
Former U.S. Army Intelligence Analyst Sentenced for Selling Sensitive Military Information to Individual Tied to Chinese Government
A press release from the DOJ: A former U.S. Army intelligence analyst was sentenced today to 84 months in prison for conspiring to collect and transmit national defense information, including sensitive, non-public U.S. military information, to an individual he believed was affiliated with the Chinese government. Korbein Schultz, 25, of Wills Point, Texas, pleaded guilty in August…
Au: Hacking suspect nabbed over court file data breach
Farid Farid reports: A man has been charged with hacking Australia’s largest online court-filing system, but authorities believe the cyber crime hasn’t compromised any personal data. […] “NSW Police Cybercrime Squad detectives have laid charges in relation to last month’s serious data breach involving the Department of Communities and Justice,” Police Minister Yasmin Catley said…