HHS OCR has announced a second enforcement settlement in a ransomware case. The 2019 breach involving Green Ridge Behavioral Health managed to fly mostly under the media radar at the time. DataBreaches was not even aware that it was a ransomware attack as when this site contacted Green Ridge back then to inquire about the…
Author: Dissent
Hack at Services Firm Hits 2.4 Million Eye Doctor Patients
Marianne Kolbasuk McGee reports: Medical Management Resource Group, which does business as American Vision Partners, works with – and “shares” a management system, IT and infrastructure with – 12 practices, according to its website. The incident involved the hack of a network server and affected more than 2.35 million individuals, the company said in a…
Data Breach Putative Class Action Questions Whether Broker Was Swift Enough in Notice and Response
Andrea DeField and Matthew J. Revis of Hunton Andrews Kurth write: While America was tuned into the big game, one California insurance broker faced its own treacherous showdown in the form of a putative class action filed on February 8, 2024 stemming from a data breach. With cyber incidents still on the rise, this is a story…
Reward Offers for Information on LockBit Leaders and Designating Affiliates
LockBitSupp, the top honcho at LockBit, always complained that there was no reward for him. He even offered a reward for anyone who could identify him. He should be so pleased by this latest announcement from the Department of State: The Department of State is announcing reward offers totaling up to $15 million for information…
Au: Privacy Watchdog to investigate HWL Ebsworth over security and notifications
Jeremy Nadel reports: The investigation will cover whether the law firm violated the Privacy Act by failing to protect sensitive data or properly notifying individuals affected by the breach. The breach saw 1.1TB of data lost to hackers and impacted 65 government agency clients’ data as well as data belonging to private firms as well. The Office of…
Updating: In “Cronos,” law enforcement took down 34 Lockbit servers
As reported yesterday, law enforcement seized control of LockBit’s leak site and infrastructure. Attempts to view their leak site today show that the seizure notice has been replaced with a page that links to different information on LockBit’ seizure and law enforcement activities: Europol also released more information about the operations: The months-long operation…