KWCH reports: A Kansas health clinic issued a notice to federal law enforcement about a data breach that happened late last year. The Hutchinson Clinic said around Dec. 21, it was made aware of suspicious activity related to its computer systems. The clinic said a hacker they labeled “an unauthorized actor” had the ability to…
Category: U.S.
L.A. Unified admits that at least 2,000 student records dumped after ransomware attack
Mark Keierleber’s article on The 74, noted on this blog yesterday and discussed by some of us on infosec.exchange, has apparently resulted in the district making some small admissions. Howard Blume reports: The Los Angeles Unified School District disclosed Wednesday that “approximately 2,000 student assessment records” were posted on the dark web as a result…
Cyberattack on food giant Dole temporarily shuts down North America production, company memo says
Sean Lyngaas reports: A cyberattack earlier this month forced produce giant Dole to temporarily shut down production plants in North America and halt food shipments to grocery stores, according to a company memo about the incident obtained by CNN. The previously unreported hack — which a source familiar with the incident said was ransomware —…
Digital Healthcare Platform Ordered to Pay Civil Penalties and Take Corrective Action for Unauthorized Disclosure of Personal Health Information
Following up on the FTC’s February 1 announcement about its enforcement action against GoodRx, the Department of Justice announced yesterday: The Department of Justice, together with the Federal Trade Commission (FTC), announced today that the government has resolved allegations that GoodRx Holdings Inc., doing business as GoodRx Gold, GoodRx Care, and Hey Doctor (GoodRx), violated…
Trove of L.A. Students’ Mental Health Records Posted to Dark Web After Cyber Hack
Mark Keierleber reports: Detailed and highly sensitive mental health records of hundreds — and likely thousands — of former Los Angeles students were published online after the city’s school district fell victim to a massive ransomware attack last year, an investigation by The 74 has revealed. The student psychological evaluations, published to a “dark web”…
National Credit Union Administration Finalizes 72-Hour Cyber Incident Reporting Rule
Alexander Boyd and Colin H. Black of Polsinelli PC write: On February 16, 2023, the National Credit Union Administration (“NCUA”) unanimously approved a final rule that requires a federally-insured credit union to report “reportable cyber incidents” to the NCUA as soon as possible, and in no event later than 72 hours after the credit union…