It’s one thing to update a breach report with a notice of lawsuit settlement, but it’s another to realize you never covered the original breach at all. Let’s remedy that now. On February 27, 2021, Zywave and its subsidiary, Insurance Technologies Corp (ITC) suffered a data breach. From a press release by plaintiff’s counsel: Cybercriminals…
Category: Breach Incidents
Duncan Regional Hospital notifies more than 92,000 patients of data security incident
Charlene Belew reports: Officials with DRH Health, the leading healthcare provider in Stephens County, confirmed Friday, March 4 a data incident dating back to January of this year may have impacted protected health information for some patients. On Jan. 20, DRH reported an incident affected on of their servers, although an investigation launched immediately and…
The Puerto Rican Organization to Motivate, Enlighten, and Serve Addicts (PROMESA) discloses 2020 data breach
Is there anyone who thinks this timeline/delay to notification is just fine? On July 17, 2020, Acacia determined that an unauthorized person gained access to certain employee email accounts for a limited time between June 6, 2020 and June 12, 2020. Their investigation was inconclusive as to whether anyone accessed the emails and attachments in…
NIS 2.0—the EU looks to bolster its cybersecurity laws
On 17 February 2022, the second-round of trilogue negotiations commenced between the EU’s institutions on the so-called ‘NIS2’ Directive, which intends to reform the EU’s current cybersecurity rules. Dan Whitehead of Hogan Lovells writes: NIS2 is intended to update the existing Directive 2016/1148 (the Network and Information Security Directive (NIS1)) which took effect in May…
Monongalia Health System hacked again? Second incident report in one year.
Monongalia Health System in West Virginia issued a press release this week about a data breach that impacted patients, employees, and contractors. It was the second incident reported by them in a one-year period. But was this incident unrelated to the first incident or related to it? It’s not yet clear, let’s back up to…
Aon hit by cyber attack
Luke Gallin reports: Global insurance and reinsurance broker Aon was hit by a cyber attack on February 25th, 2022, according to an 8-K filed with the Securities and Exchange Commission (SEC) in the U.S. In its filing, Aon states that it identified a cyber incident impacting a limited number of systems. Read more at Reinsurance…