The Office of Inadequate Security
On March 25, DataBreaches entered Teton Orthopaedics’ name on a monthly worksheet this site uses for tracking breaches in the healthcare sector. The entry wasn’t based on any report by Teton Orthopaedics or media, and DataBreaches had been unable to find any notice by the provider. The entry was based on a claim by the…
DataBreaches is trying to keep up with updates from PowerSchool, but from the outset, DataBreaches has recommended districts, parents, and teachers assume the worst — i.e., assume that all of the data really weren’t deleted permanently. On the premise of better safe than sorry, and reminding people that PowerSchool’s attorney is not YOUR attorney, here…
Samaya Dharmaraj reports: In an era where digital transformation shapes every aspect of governance, business, and daily life, safeguarding citizens’ personal data has become a top priority for India. Recognising the critical need for a secure andaccountable digital ecosystem, the government has taken significant steps to establish a robust framework for data protection and cyber resilience. At…
Chris Riotta reports: The U.S. Department of Health and Human Services is ramping up digital efforts to protect Americans in a year that’s witnessed hackers targeting sensitive patient data and major breaches at Ascension and UnitedHealth. HHS is set to unveil a notice of proposed rulemaking requiring healthcare companies to encrypt data, conduct routine compliance…
Aaron Sanderford reports: Nebraska on Monday became the first state to sue Tennessee-based Change Healthcare over the company’s massive data breach that cost at least 575,000 Nebraskans their personal information and medical records. … The breach was blamed on a low-level employee who had his or her login credentials hacked. Nebraska Attorney General Mike Hilgers…
Maybe some victims will decide not to pay ransom since they will have to disclose the payment anyway? Jayant Chakravart reports: The Australian government’s proposed cybersecurity legislation passed both houses of the Parliament on Monday, formalizing the government’s strategy to boost ransomware payment reporting, mandate basic cybersecurity standards for connected devices and enhance critical infrastructure…