Monongalia Health System in West Virginia issued a press release this week about a data breach that impacted patients, employees, and contractors. It was the second incident reported by them in a one-year period. But was this incident unrelated to the first incident or related to it? It’s not yet clear, let’s back up to…
Category: U.S.
260,000 confidential attorney discipline records published after data breach, State Bar of California says
Scott Schwebke reports: A website that aggregates court cases nationwide has published 260,000 confidential attorney discipline records, the State Bar of California said Saturday, Feb. 26. The data breach by shadowy judyrecords.com was first discovered Friday by the State Bar. “We apologize to anyone who is affected by the website’s unlawful display of nonpublic data,”…
LAPSUS and the Terrible, Horrible, No Good, Very Bad Ransom Day1 (UPDATED)
First they thought their victim hacked them back. Then they appeared to be trolled by a “negotiator” who wasn’t. I don’t know if the Brazilian threat actors who call themselves LAPSUS felt like moving to Australia after a bad day at the ransom office yesterday, but their attack on Nvidia and the aftermath seemed somewhat……
JDC Healthcare Management issues second press release about malware incident last summer
On October 7, JDC Healthcare Management (Jefferson Dental Care) issued a press release concerning a malware incident discovered in August. At the time, they notified HHS that 501 patients were affected — a number that typically means “We know it’s more than 500 but we don’t have an exact count yet.” Today, they issued a…
LA: Spine Diagnostic & Pain Treatment patient files show up on ransomware site
It looks like we may need to add Spine Diagnostic & Pain Treatment to our list of medical entities hit by ransomware groups. Conti Team added the Louisiana provider to their leak site earlier today, dumping 3,351 files that they claim represent 30% of all the files they exfiltrated. Inspection of the files, which compromised…
At Least 22 States Have Consumer Privacy Legislation Pending – Will 2022 Be the Year for More State Privacy Laws?
Deborah George of Robinson & Cole writes: California is the gold standard for state privacy laws, having recently enacted the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). Virginia and Colorado also have enacted comprehensive privacy laws, which will take effect in 2023. Recently, the International Association of Privacy Professionals (IAPP)…