HIPAA Journal reminds us all that states can require notification to the state of breaches that are also covered by HIPAA and can take enforcement action if they are not reported: Recently, there have been several instances where the California DOJ has not been notified about ransomware attacks on California healthcare facilities, even though the…
Author: Dissent
Nearly 73,500 patients’ data affected in ransomware attack on eye clinic in Singapore
Kenny Chee reports: A ransomware attack earlier this month has affected the personal data and clinical information of nearly 73,500 patients of a private eye clinic, the third such reported incident in a month. The information included names, addresses, identity card numbers, contact details and clinical information such as patients’ clinical notes and eye scans,…
Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents
Brian Krebs reports: In 2018, Andrew Schober was digitally mugged for approximately $1 million worth of bitcoin. After several years of working with investigators, Schober says he’s confident he has located two young men in the United Kingdom responsible for developing a clever piece of digital clipboard-stealing malware that let them siphon his crypto holdings….
Fresno Unified School District notifying people after discovering backup device with names and SSNs was missing
The Fresno Unified School District experienced a breach when they discovered in March that specific storage media used to perform computer backups was missing from storage. According to their notification to the California Attorney General’s Office, the missing storage media contained names and Social Security numbers. The notification does not mention whether this was just employee…
Advisories are published, but are enough entities reading them and taking precautions?
Three advisories have been released this week about threat actor groups. One involves ALTDOS, one involves HIVE, and one involves the “OnePercent Group,” whose name may not sound familiar to many. ALTDOS (Joint Advisory) It appears that ALTDOS is getting some serious attention from Singapore’s CSA and other agencies in Singapore. These threat actors who…
Metro Infectious Disease Consultants Notifies 171,740 Individuals of Privacy Incident
On June 24, 2021, Metro Infectious Disease Consultant (MIDC) learned that some individuals’ personal information could have been accessed when an unauthorized third party gained access to certain employees’ email accounts. MIDC has no reason to believe that anyone’s personal information has been misused for the purpose of committing fraud or identity theft or that…