PA News Agency reports that as a result of the attack, more than 10,000 appointments were cancelled at the two London NHS trusts that were worst affected, and a significant number of GP practices in London were unable to order blood tests for their patients. Now the Health Service Journal (HSJ) [paywalled] has reported that…
Year: 2025
DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
Eleanor M. Ross, Cassidy Kim, Olivia Bellini of Greenberg Traurig, LLP write: On April 11, 2025, the DOJ’s National Security Division (NSD) issued a Compliance Guide, Implementation and Enforcement Policy, and FAQs for its Data Security Program (DSP), finalized pursuant to Executive Order 14117 and the 28 C.F.R. Part 202. The DSP is primarily designed to prevent certain cross-border data flows…
UBS reports data leak after cyber attack on provider, client data unaffected
Chain IQ said it and 19 other companies had been the target of a cyber-attack resulting in a data leak that was published online on the darknet. CNA reports: Swiss bank UBS on Wednesday said it had suffered a data leak due to a cyber attack against one of its providers, but that no client…
Scania confirms insurance claim data breach in extortion attempt
Bill Toulas reports: Automotive giant Scania confirmed it suffered a cybersecurity incident where threat actors used compromised credentials to breach its Financial Services systems and steal insurance claim documents. Scania told BleepingComputer that the attackers emailed several Scania employees, threatening to leak the data online unless their demands were met. … Late last week, threat…
Cybersecurity takes a big hit in new Trump executive order
A recent executive order is taking federal cybersecurity requirements a few step backwards. Is there anything positive about it? Dan Goodin reports: Cybersecurity practitioners are voicing concerns over a recent executive order issued by the White House that guts requirements for: securing software the government uses, punishing people who compromise sensitive networks, preparing new encryption…
Episource notifying 5.4 million patients of cyberattack in January
Episource, LLC, is a business associate that provides healthcare technology and solutions, specializing in medical coding, risk adjustment, and data analytics for health plans and providers. On February 6, anomalous activity in their system alerted Episource to a potential attack. In response, they shut down computer systems, initiated an investigation, called in a special team,…