In February 2020, DataBreaches reported that patients of Community Care Physicians in New York may have had their protected health information, date of birth, and insurance coverage exposed as a result of a ransomware attack by Maze Team at the Albany-based accounting firm BST & Co. CPAs. The incident was reported at the time to…
Category: Breach Laws
NYDFS Secures $2 Million Cybersecurity Settlement with Healthplex, Inc.
There is an update to a phishing incident in 2021 that impacted more than 89,000 people with Healthplex dental insurance. DataBreaches notes that the NYDFS settlement announced below is not the first settlement stemming from this incident. In December 2023, the NY Attorney General’s Office announced a $400,000 settlement with Healthplex. Both the 2023 and…
Appeals Court Upholds FCC Data Breach Rules for Hacked Telecoms
Kartikay Mehrotra reports: A federal appeals court delivered a victory to the Federal Communications Commission on Wednesday by upholding new and controversial data breach reporting requirements for telecommunications companies targeted in cyberattacks. The court rejected consolidated challenges, 2 to 1, from trade groups including the Ohio Telecom Association, Texas Association of Business and USTelecom. They…
Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
From Hogan Lovells: The rapid development of data protection laws across the Asia-Pacific region indicates significant movement toward certain standards, albeit with notable local policy variations across multiple areas. Our Asia-Pacific Data, Privacy, and Cybersecurity Guide 2025 will explore these developments, key initiatives in major APAC jurisdictions, and the implications of an ever-changing regulatory landscape….
Australian ransomware victims now must tell the government if they pay up
Alexander Martin reports: Australia became on Friday the first country in the world to require victims of ransomware attacks to declare to the government any extortion payments made on their behalf to cybercriminals. The law, initially proposed last year, only applies to organizations with an annual turnover greater than AUS $3 million ($1.93 million) alongside a smaller…
HHS OCR Settles HIPAA Security Rule Investigation of BayCare Health System for $800k and Corrective Action Plan
HHS OCR has settled another enforcement action involving the HIPAA Security Rule. From their press release yesterday, it sounds like an insider wrongdoing case. In its formal resolution agreement, the government states that on October 23, 2018, OCR received a complaint alleging that on October 8, 2018, an unknown third party accessed her printed and…