HHS added ten listings to its public leak site today, all of which are part of the Integrated Oncology Network (“ION”). See update to 20 listings. According to its substitute notice, on May 9, ION concluded an investigation of a phishing incident that occurred between December 13 and December 16, 2024. The incident resulted in…
Author: Dissent
HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
In October 2023, Deer Oaks Behavioral Health in Texas disclosed a ransomware attack that affected 171,871 patients, which they discovered on September 1, 2023. LockBit3.0 claimed responsibility at the time and leaked data from the incident. Today, HHS OCR announced a settlement with Deer Oaks following an expanded investigation that had been opened after an…
HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
Joseph J. Lazzarotti & Rachel A. Jacob of JacksonLewis write: Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025. The law applies to certain “financial corporations.” Under the law, financial corporation means all entities regulated by…
Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined
Ian Cheng reports: IT vendor Ezynetic has been fined $17,500 for failing to protect its clients’ data, which resulted in more than 190,000 individuals’ personal data being stolen and put for sale on the Dark Web. Ezynetic had failed to put in place reasonable security arrangements to protect the personal data in its possession or…
Five youths arrested on suspicion of phishing
Dutch police report: Last week, the police arrested five young people on suspicion of phishing. On Tuesday 1 July, four minors aged 14 and 17 from Lelystad were arrested, and on Wednesday 2 July, a 21-year-old suspect from Lelystad was arrested. The police in Flevoland started an investigation some time ago after receiving reports of…
Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
Tushar Subhra Dutta reports: Russian Federal Security Service (FSB) officers have detained two hackers in Siberia who conducted cyberattacks on critical infrastructure facilities under direct orders from Ukrainian intelligence services. The simultaneous arrests in the Kemerovo and Tomsk regions exposed a sophisticated cyber espionage network targeting Russia’s governmental, industrial, and financial information systems. The primary suspect, a…