It appears that a ransomware incident involving VPN Solutions LLC may have affected a number of covered entities, although so far, DataBreaches.net has only identified two confirmed cases: Surgery Group SC On December 17, Surgery Group SC in Illinois notified HHS about an incident impacting 500 patients. DataBreaches.net interprets that 500 number as a marker…
Author: Dissent
Virtual Care Provider Sues Rivals, Alleging Data Theft, Patent Violation
Anuja Vaidya reports: MDsave, a direct-to-consumer virtual marketplace for healthcare services, has filed a lawsuit against three of its competitors alleging they stole and exploited MDSave’s protected data and intellectual property. The lawsuit accuses the defendants, Sesame, Green Imaging, and Tripment, of misappropriating MDSave’s protected data, falsely advertising their services, directly interfering with MDSave’s relationships with its…
Ransomware gang coughs up decryptor after realizing they hit the police
Lawrence Abrams reports: The AvosLocker ransomware operation provided a free decryptor after learning they encrypted a US government agency. Last month, a US police department was breached by AvosLocker, who encrypted devices and stole data during the attack. However, according to a screenshot shared by security researcher pancak3, after learning that the victim was a government…
Indian authorities set to tighten data breach laws in 2022
Stephen Pritchard reports: Authorities in India are set to clamp down on data breaches and tighten rules for holding sensitive data, according to local media reports. Organizations will be forced to disclose data breaches within 72 hours, bringing India in line with territories such as the EU, which mandates breach disclosures under its General Data Protection Regulation…
NY State Comptroller DiNapoli Releases School District Audits
NY State Comtroller DiNapoli released more school district audits last week. As always, DataBreaches.net looked to see what audits concerned IT security. New Rochelle City School District – Information Technology (2021M-142) Issued Date: December 17, 2021 Audit Objective Determine whether New Rochelle City School District (District) officials established adequate controls over network and financial application…
HIPAA Enforcement by State Attorneys General
HIPAAJournal has a nice piece on HIPAA enforcement action over the years by state attorneys general. You can access it here.