Sander Lutz reports: A federal judge in Florida has ruled in favor of a plaintiff who sued anonymous hackers and issued formal notice of the legal action via NFT, according to recent court filings. The ruling, a default judgment from Judge Beth Bloom of the United States District Court Southern District of Florida, declares that…
Category: U.S.
NorthStar Emergency Medical Services notifies 82,450 patients of September hacking incident
NorthStar Emergency Medical Services in Alabama is notifying 82,450 patients of an incident last year that involved protected health information. According to a notification letter and press release by NorthStar, on September 16, 2022, NorthStar detected abnormal activity in their network. Investigation subsequently revealed that an unauthorized actor had accessed files containing protected health information….
Jelly Bean Communications Design and its Manager Settle False Claims Act Liability for Cybersecurity Failures on Florida Medicaid Enrollment Website
There’s an update to the Florida Healthy Kids breach that was due to their vendor, Jelly Bean Communications, not patching vulnerabilities for seven years. The incident was reported to HHS in January 2021 as impacting 3.5 million patients. Today, the U.S. Department of Justice announced: Jelly Bean Communications Design LLC (Jelly Bean) and Jeremy Spinks…
No need to hack when it’s leaking, DC Health Link edition
On March 12, DataBreaches reported on the Health Benefit Exchange Authority data that was first leaked by a forum user known as “IntelBroker” and then by “Denfur.” The DC Health Link incident attracted a lot of media attention because it involved members of Congress, their staff, and their families. As StateScoop reported today, DC Health…
Lawsuit filed against Lehigh Valley Health Network after ransomware gang leaks sensitive patient data online
The following lawsuit and press release were predictable. Could LVHN have protected sensitive patient information better? If so, is less than perfect security somehow “negligent?” And if they are found to be negligent, how will LVHN be held accountable, and how on earth will patients ever come close to being made whole from a breach…
A joke gone too far: “thekilob” falsely accused of being responsible for DC Links breach
On March 6, a forum post appeared on BreachForums that listed data for sale from the Health Benefit Exchange Authority, DC.gov The seller, a respected forum user known as IntelBroker, claimed that the data had been hacked within the past hour and contained information on 170,000 users. In less than a day, the data were…