Sarah Ravani reports: Oakland’s police union filed a claim against the city after a ransomware attack released personal information for thousands of current and former city employees, union officials said Monday. The legal filing, which asks for monetary damages of up to $25,000 per affected employee, argues that the city failed to implement “reasonable, industry-standard…
Category: U.S.
Covid Contact-Tracing Contractor Settles Data Breach Lawsuit
Christopher Brown reports: Insight Global LLC will pay up to $5,000 each to victims of an April 2021 data breach involving Covid-19 contact-tracing data to compensate them for extraordinary out-of-pocket losses, in a settlement given final approval by a federal judge. Lisa Chapman filed the proposed class action against Insight and the Pennsylvania Department of…
Reports continue to emerge from Community Health Systems entities affected by Fortra/GoAnywhere breach
The number of entities disclosing that they were affected by the Fortra/GoAnywhere breach continues to mount. Because a number of entities are part of CHSPSC, LLC (“CHSPSC”) DataBreaches wants to make readers aware of two notices: Community Health System’s security incident notice. and A map of CHSPSC locations so you can look at your state…
Noteboom – The Law Firm hit by BlackCat
On March 24, BlackCat emailed Noteboom – The Law Firm, a Texas personal injury law firm. The email, shared with DataBreaches by BlackCat, appeared to be sent from the firm’s own systems administrator, Paul Khong. With some light editing by DataBreaches to correct some typos, it read: This is [ALPHV] aka BlackCat Ransomware Team. We…
Illinois’s Olympia CUSD 16 hit by LockBit3.0
LockBit3.0 claims to have hit the Olympia CUSD 16 in Illinois. So far, they have posted 4 files as proof, one of which appears to be a screencap of a directory of folders that might relate to Olympia North, Olympia South, and students, and another file with employee health-related information. There does not appear to…
HIPAA Data Breach Costs Company Nearly $300,000 In DOJ False Claims Act Settlement
Stacy L. Cook and Iqra Mushtaq of Barnes & Thornburg LLP write: On March 14, 2023, the U.S. Department of Justice (DOJ) announced the settlement of a case involving alleged violations of the False Claims Act (FCA) as a result of cybersecurity failures and breach of HIPAA-protected health information. Obtained under the Civil Cyber-Fraud Initiative, this settlement emphasizes…