DarkReading reports: 23andMe, the popular DNA testing company, has launched an investigation after client information was listed for sale on a cybercrime forum this week. On Oct. 1, a post was published on the forum with a link to a sample of allegedly “20 million pieces of data” from the genetic testing company, claiming that it…
Category: Health Data
HC3: Monthly Cybersecurity Vulnerability Bulletin
October 05, 2023 TLP:CLEAR Report: 202310051200 September Vulnerabilities of Interest to the Health Sector In September 2023, vulnerabilities to the health sector have been released that require attention. This includes the monthly Patch Tuesday vulnerabilities released by several vendors on the second Tuesday of each month, along with mitigation steps and patches. Vulnerabilities for September…
Blackbaud settles breach probe by states for nearly $50M
Steven Ardary reports: A South Carolina software company has agreed to a multi-million dollar settlement for a 2020 ransomware event that exposed the personal information of millions of consumers in the United States. South Carolina Attorney General Alan Wilson announced that Blackbaud would pay $49.5 million to states settling allegations that the company violated state…
MOVEit Data Breach Lawsuits Sent to Massachusetts Federal Court
Christopher Brown reports: More than 100 lawsuits arising from a cyberattack on Progress Software Corp.‘s MOVEit file transfer application will be consolidated in federal court in Massachusetts, the Judicial Panel on Multidistrict Litigation said. Centralization of the lawsuits in the US District Court for the District of Massachusetts will serve the convenience of the parties and…
Au: Cybercriminals access patient information at Melbourne’s Royal Women’s Hospital
Rachael Ward reports: The private details of almost 200 patients being treated at a major Melbourne hospital may have been accessed by online criminals. On Thursday, the Royal Women’s Hospital notified 192 patients their data might have been compromised. The hospital says it has not been hit by a cyberattack and the breach was sparked by a…
Pathology Lab Has Most of Patient’s Data Breach Claims Dismissed
Bernie Pazanowski reports: A patient at a pathology laboratory who suffered a data breach can pursue his negligence claim against Molecular Pathology Laboratory Network, Inc., but all of his other claims were dismissed. Tri Thai said that the company was subject to a “massive and preventable cyberattack” that it discovered on Dec. 17, 2021. He…