U.S. Dermatology Partners, which has over 100 locations across eight states, recently posted a notice of a data security incident on its website. As stated in their notice: On June 19, 2024, USDP experienced a network disruption. Upon detecting the incident, we quickly took steps to secure our network, immediately initiated our incident response processes…
Oklahoma Expands its Security Breach Notification Law
Melissa Pascualini of Jackson Lewis The Oklahoma State Legislature recently enacted Senate Bill 626, amending its Security Breach Notification Act, effective January 1, 2026, to address gaps in the state’s current cybersecurity framework (the “Amendment”). The Amendment includes new definitions, mandates reporting to the state Attorney General, clarifies compliance with similar laws, and provides revised penalty…
Ransomware group Gunra claims to have exfiltrated 450 million patient records from American Hospital Dubai.
A relatively new ransomware group calling themself “Gunra” has shown it has no compunction about attacking hospitals. They have reportedly locked — and have started leaking information from — the American Hospital in Dubai (AHD). In its first listing concerning this attack, Gunra claimed to have exfiltrated the entire Cerner Millenium database (now known as…
North Shore University Sleep Disorders Center employee charged with secretly recording patients in restrooms
On May 23, the North Shore University Sleep Disorders Center in New York notified HHS that 13,332 patients were affected by a breach that it coded as “Unauthorized Access/Disclosure” of data located “Other.” While the number affected might not seem unusually disturbing in this day and age of big breaches, the circumstances of the breach…
When ransomware listings create confusion as to who the victim was
When a ransomware gang names one target but links to another target or posts a description of a different target, journalists and researchers may understandably be left wondering who was attacked. If the threat actors have posted proof of claims, it may be possible to figure out who the target was, but with no proof…
Rajkot civic body’s GIS website hit by cyber attack, over 400 GB data feared stolen
Adan Khan reports: A suspected cyber attack has targeted the website of the Rajkot Municipal Corporation (RMC), triggering concerns over the possible theft of sensitive civic data. The breach came to light recently, sparking fear among residents, as officials suspect that over 400 GB of data may have been compromised. According to sources, the stolen…