Edward O’Brien reports: A Montana hospital is being sued for a data breach last year that compromised the personal information of over 200,000 patients. The lawsuit filed last month in Flathead County District Court alleges Kalispell-based Logan Health Medical Center lacked adequate cybersecurity to prevent the breach of patient names, phone numbers and insurance information….
Category: U.S.
Audit of the Connecticut Health Insurance Exchange Uncovers 44 Unreported Data Breaches
HIPAA Journal reports: An audit of Connecticut’s Health Insurance Exchange, Access Health CT, by the state auditor has revealed Access Health CT suffered 44 data breaches over the last 3.5 years that had not been fully reported and that sufficient steps had not been taken to safeguard sensitive data. The Connecticut Health Insurance Exchange acts…
Block confirms Cash App breach after former employee accessed US customer data
Carly Page reports: Block has confirmed a data breach involving a former employee who downloaded reports from Cash App that contained some U.S. customer information. In a filing with the Securities and Exchange Commission (SEC) on April 4, Block — formerly known as Square — said that the reports were accessed by the insider on December 10. “While this…
55,000 there, 190,000 there, 1.8 million there, and the breaches roll on…
Taylor Regional Hospital in Kentucky recently notified 190,209 patients of breach that they identified in January. An investigation determined that an unauthorized person had gained access to their network between November 2, 2021 and January 19, 2022, and obtained certain files from their systems containing patients’ names, and one or more of the following: address,…
Rattled by RIPTA breach that affected 22,000, lawmakers propose policy changes
Antonia Noori Farzan reports: Lawmakers say that last year’s breach of Rhode Island Public Transit Authority computer systems highlighted glaring problems with the way the state responds to the theft of people’s personal data. […] DiPalma’s bill, S 2664, is designed to expand the protections and reporting requirements outlined in the Identity Theft Protection Act of 2015. A companion bill, H…
Solar Winds can’t dodge investor suit over massive cyberattack
Stephen Paulsen reports: An Austin-based tech company may be liable to investors after it suffered a major security breach that caused its stock price to plummet, a federal judge ruled. Although that company, SolarWinds, was itself a victim of the breach, the company may had acted recklessly in protecting its software, U.S. District Judge Robert Pitman…