C. T. Bowen reports: Hillsborough County has notified more than 70,000 people that a global data breach may have put their personal information at risk. The breach involved the MOVEit file transfer tool, a third-party service that complies with federal Health Insurance Portability and Accountability Act (HIPAA) regulations. The breach also may have affected 106…
Category: U.S.
FTC investigates OpenAI over data leak and ChatGPT’s inaccuracy
Cat Zakrzewski reports: The Federal Trade Commission has opened an expansive investigation into OpenAI, probing whether the maker of the popular ChatGPT bot has run afoul of consumer protection laws by putting personal reputations and data at risk. The agency this week sent the San Francisco company a 20-page demand for records about how it…
8Base claims to have stolen patient data and employee info from Kansas Medical Center
While LockBit was adding one physician-owned medical entity to its leak site, a relatively new group known as 8Base was adding another physician-owned medical entity to its own leak site. 8Base claims to have attacked Kansas Medical Center on June 18 and to have downloaded data on July 11. They claim they will publish the…
Another business associate attack results in theft of patient data — Panorama Eyecare
Panorama Eyecare in Colorado is a physician-owned firm providing business associate services to vision care providers: Earlier today, the firm was added to LockBit’s leak site with a claim that 798 GB of data had been exfiltrated from four of the firm’s clients: Eye Center of Northern Colorado Denver Eye Surgeons Cheyenne Eye Clinic &…
Why gay furry hackers are leaking state government documents
Hacktivism is still a thing, of course, perhaps even more so these days with all the political conflicts in within and between countries and religions. If you’ve been wondering about a group describing themselves as “gay, furry hackers,” Sofia Mahirova has a write-up about them: Earlier this month, SiegedSec, the group of self-described “gay and…
Lawsuit against cardiology practice alleges fraudulent charges from data breach
In many potential class action lawsuits stemming from a data breach, none of the named plaintiffs may have experienced any concrete injury such as identity theft or fraud that could plausibly linked to the breach. Here’s a lawsuit where’s the plaintiffs report concrete injury. Whether they will be able to link it to the particular…