Samantha Hawkins reports: Excellus Health Plan Inc. will settle a data breach lawsuit with a certified class over a 2013 hacking incident that compromised the personal data of approximately 10 million policyholders. Matthew Fero, who filed the suit against Excellus and several associated healthcare companies in 2015, claims that customers’ personal identifying information, Social Security…
Author: Dissent
State Bar of Georgia investigating cyberattack
From an undated notice on their home page: The State Bar of Georgia recently learned of unauthorized access to its network. Upon learning of the unauthorized access, we immediately took steps to secure the network, a cybersecurity firm was engaged and a thorough investigation is being conducted. An endpoint detection and response system is being…
North Carolina Becomes First State to Prohibit Public Entities from Paying Ransoms
Hunton Andrews Kurth writes: On April 5, 2022, North Carolina became the first state in the U.S. to prohibit state agencies and local government entities from paying a ransom following a ransomware attack. North Carolina’s new law, which was passed as part of the state’s 2021-2022 budget appropriations, prohibits government entities from paying a ransom to…
Nobody Knows Where the Red Line Is for Cyberwarfare
Katrina Manson reports: A common explanation for why the Soviet Union never used nuclear weapons during the Cold War was the expectation that any attack would likely prompt a devastating nuclear response. The fear of mutually assured destruction was enough to keep both the USSR and the U.S. from launching a nuclear attack, even as…
Conti ransomware group responsible for RIPTA cyberattack
Tolly Taylor reports: The ransom note the Rhode Island Public Transit Authority received on Aug. 5 began with a chilling statement. “All of your files are currently encrypted by Conti strain,” the cyberhackers wrote. The next day, RIPTA hired Coveware Inc., a firm that helps entities recover hacked data, according to new documents obtained by…
Health startup myNurse to shut down after data breach exposed health records
Zack Whittaker reports: myNurse, a healthcare startup that provides chronic care management and remote patient monitoring services, said it will shut down at the end of the month after reporting a data breach that exposed personal health information of its users. The startup, which launched as Salusive Health, said in a data breach notice filed…