Jim Nash reports: A U.S. consumer finance regulator has published a circular warning that insufficient security for consumer biometric and other personal data is illegal under federal law. Multi-factor authentication is singled out as a method of making data security sufficient. Anyone reading that who still thinks it will never happen to them is invited…
Category: U.S.
NY: Practice Resources, LLC notifies 942,138 patients after ransomware attack
On August 4, Practice Resources, LLC notified the California Attorney General’s Office that it had been the victim of a ransomware attack on April 12. They also notified HHS that 942,138 patients were affected by the breach (see below). The New York firm is a business associate that provides a variety of health management services,…
Florida Orthopaedic Institute settles lawsuit after 2020 ransomware incident
Top Class Actions reports that Florida Orthopaedic Institute, ooerated by the Musculoskeletal Institute, has agreed to pay $4 million to settle claims stemming from a 2020 ransomware attack. The incident was first disclosed in June 2020, and then reported to HHS on July 1 as affecting 640,000 patients. There is no notation in HHS’s public…
Foreign National Faces Federal Charges for Wire Fraud, Money Laundering and Aggravated Identity Theft Related to a Business Email Compromise Scheme
Victims of the Scheme were in at least Five States including California, Tennessee, Michigan, Hawaii, and Illinois Greenbelt, Maryland – Njuh Valentine Fombe, a/k/a “Valentine”, age 36, formerly of Beltsville, Maryland, had an initial appearance in U.S. District Court in Greenbelt on August 8, 2022, after being a fugitive for almost three years until his…
Lee County Emergency Medical Services notifies past customers of third-party security breach
Cape Coral Breeze reports: Lee County Emergency Medical Services reports that on Aug. 4 staff received notification of a customer data breach related to a previous third-party vendor responsible for ambulance billing services. Lee County EMS conducted business with a company called Intermedix Corporation for nearly 15 years, ending its vendor contract in September 2014….
Recent Cedar Rapids Schools letter to parents confirms ransom payment after cyberattack
KWWL reports: In a message to families and staff on Friday, the Cedar Rapids School District (CRCSD) said it paid a third-party entity in an attempt to stop vital information from being released during a recent cyber security incident. The letter sent to parents, viewable on KWWL’s site, says: As part of the process to…