Here’s yet one more case to note about standing and how cases may get dismissed before they even really get started. This case involved Syracuse ASC, LLC. In 2021, they experienced a cyberattack and notified 24,891 patients. A copy of their notification was posted to the Vermont Attorney General’s website at the time. In due…
Category: U.S.
Cyber attack on Montclair Township led to $450K ransom payment
Talia Weiner reports: The Township of Montclair’s insurer negotiated a settlement of $450,000 with the people behind a recent “cyber incident” in order to end the attack, a report says. […] “To guard against future incidents, the township has installed the most sophisticated dual authentication system available to its own system and it is currently…
SolarWinds’ $26 Million Deal in Russian-Hack Suit Gets Final Nod
Christopher Brown reports: SolarWinds Corp. will pay $26 million to settle an investor suit alleging it failed to disclose security vulnerabilities before a massive cyberattack, under an agreement given final approval by a federal court. Investors alleged the technology company misled them about its security practices before announcing a suspected Russian hack in late 2020, causing the…
Discovery at Home notifies patients after phishing incident
Discovery at Home provides senior home healthcare services to seniors in Florida and Texas. On July 31, they issued a website notice about a phishing incident they discovered on June 1. As they describe it, the scheme resulted in the transmittal of personal health information to an unauthorized third-party sender. Elements of personal information that may…
MHMR Authority of Brazos Valley provides notice of ransomware attack last November (1)
On December 22, 2022 DataBreaches added MHMR Authority of Brazos Valley to our non-public breach worksheet. Based on information at that time from Hive threat actors, it appeared that the non-profit Texas mental health and substance abuse treatment provider’s files had been locked on November 5. Their listing on Hive’s leak site was a sure…
Cyberattacks And Compromise of Attorney Client Confidences
Scott Greenfield comments on a ruling previously noted on this site: In an underappreciated ruling, District of Columbia Judge Amit Mehta ruled that the multinational law firm Covington & Burling must comply with an SEC subpoena requiring the firm to give up the names of clients, publicly-traded corporations, in order for the SEC to investigate whether…