There’s an interesting monetary penalty notice involving a UK law firm stemming from a ransomware attack in 2020 and the ICO’s investigation of their data protection and security. The Information Commissioner announced today that it has issued Tuckers Solicitors a monetary penalty under section 155 of the Data Protection Act 2018 (“the DPA”). The penalty…
Category: Breach Incidents
Unable to determine what files were accessed, Norwood Clinic notifies all 228,103 patients
Norwood Clinic in Birmingham, Alabama is notifying 228,103 patients of a hacking incident that left them unable to determine what, if anything, had been accessed. In a notification to the Maine Attorney General’s Office, the clinic’s external counsel reported that the breach began on September 20 and was discovered on October 22. The types of…
Yet more data from the Sea Mar Community Health Center data breach appears on the internet
If Herman’s Hermits sang about the latest development in the Sea Mar Community Health Center data breach, they’d probably sing: Third verse, same as the first A little bit louder and a whole lot worse Last month, DataBreaches.net reported that Sea Mar Community Health Center in Washington state had been sued in November, weeks after…
Update: Central Indiana Orthopedics notifying 83,705 of October data breach
In October, 2021, this site reported that Central Indiana Orthopedics (CIO) had promptly disclosed a data security incident involving Grief threat actors. This week, CIO’s external counsel notified the Maine Attorney General’s Office about the incident, reporting that 83,705 patients were impacted, total. Types of information involved included name, address, Social Security number, and limited…
Zywave seeks approval of $11 million data breach lawsuit settlement
It’s one thing to update a breach report with a notice of lawsuit settlement, but it’s another to realize you never covered the original breach at all. Let’s remedy that now. On February 27, 2021, Zywave and its subsidiary, Insurance Technologies Corp (ITC) suffered a data breach. From a press release by plaintiff’s counsel: Cybercriminals…
Duncan Regional Hospital notifies more than 92,000 patients of data security incident
Charlene Belew reports: Officials with DRH Health, the leading healthcare provider in Stephens County, confirmed Friday, March 4 a data incident dating back to January of this year may have impacted protected health information for some patients. On Jan. 20, DRH reported an incident affected on of their servers, although an investigation launched immediately and…