In the first part of a discussion of an incident reported by CoPilot Provider Support Services, this site reported claims by John Witkowski, a former employee, that CoPilot had not reported accurately on the incident. In this part, we focus on just one of CoPilot’s claims – that they are not a business associate under HIPAA….
Category: Breach Incidents
OCR investigating CoPilot Provider Support Services breach; former employee lodged complaint
When CoPilot Provider Support Services recently disclosed a security incident that they had known about since 2015, their statements might have led you to believe that a disgruntled former employee had hacked them or misused previously authorized access, and that law enforcement might be looking into criminal charges. If you thought that, you were wrong on both counts. CoPilot Provider Support Services (“CoPilot”) describes itself…
2016 W-2 data up for sale on the dark web (updated)
As regular readers know by now, DataBreaches.net has been compiling reported instances of W-2 phishing scams. As part of that investigation, I decided to take a quick look today at some dark net marketplaces to see if any data were up for sale. Brian Krebs had reported on this issue in January after finding a…
Are Courts the Next Frontier in Fight Against State Hacking?
Ben Hancock discusses another strategy for responding to state hacking: trying to sue them under the CFAA, although state claims would also be needed: “It is important to consider other, complementary options,” added Hinnen, who previously dealt with national security issues as a senior lawyer at the Justice Department. “One option worth consideration is enabling…
Oklahoma Gov, OMES Confirm Unnamed Agency Hacked, No Ransom Paid
Grant Hermes reports: Calling it a “catch-22”, Oklahoma state officials declined to release which state agency was discovered to have been attacked by hackers, claiming on Wednesday that releasing the name could compromise the agency further. Last week, the state director of Oklahoma CyberCommand told a House of Representative committee an agency had been attacked…
Information Breach Reported By Hillsborough County
Sherri Lonon reports: Hillsborough County Aging Services has notified about 650 clients about a possible breach of protected health information that occurred in 2011. The potential breach was brought to the county’s attention in December 2016 by a former employee. According to the county, the possible breach occurred in March 2011 when an employee of…