The Federal Trade Commission today issued a policy statement affirming that health apps and connected devices that collect or use consumers’ health information must comply with the Health Breach Notification Rule, which requires that they notify consumers and others when their health data is breached. In a policy statement adopted during an open meeting, the Commission noted…
Author: Dissent
Kaspersky releases its first Transparency Report
Kaspersky has released its first transparency report concerning requests received from government and law enforcement agencies, and users for data and technical expertise in 2020 and H1 2021. Kaspersky has publicly shared its approach in responding to requests from global government and law enforcement agencies for two categories: user data and technical expertise. It also…
Walgreens’ Covid-19 test registration system exposed — and still exposes? — patient data
Sara Morrison reports: If you got a Covid-19 test at Walgreens, your personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect. In some cases, even…
US fines former NSA employees who provided hacker-for-hire services to UAE
Catalin Cimpanu reports: The US Department of Justice has fined three former NSA employees who worked as hackers-for-hire for a United Arab Emirates cybersecurity company. Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40, broke US export control laws that require companies and individuals to obtain a special license from the State Department’s Directorate of Defense…
Northern Light Health reports data breach linked to Blackbaud incident
We are still first learning about Blackbaud clients impacted by their ransomware attack more than one year ago. We knew about some of the following, but not all. WGME reports: A Maine hospital says some patient information may have been stolen by hackers. Northern Light Health says information from its fundraising arm was also exposed….
OR: Southeast Health Center break-in compromises personal information of about 700 people
Multnomah County in Oregon is notifying some applicants for the Oregon Health Plan whose information may have been accessed during a break-in. The break-in occurred while the Health Center was closed for construction on August 4. Files in the cabinets included applicant records with name, date of birth, address, email address, Social Security number, insurance…