Aaron Sanderford reports: Nebraska on Monday became the first state to sue Tennessee-based Change Healthcare over the company’s massive data breach that cost at least 575,000 Nebraskans their personal information and medical records. … The breach was blamed on a low-level employee who had his or her login credentials hacked. Nebraska Attorney General Mike Hilgers…
Category: U.S.
Kitsap Mental Health Services breach impacted sensitive patient information (1)
Update: DataBreaches did not spot it earlier, but on December 12, Kitsap Mental Health Services posted a notice on its website about a cyberattack that it reportedly detected on October 17, 2024. Investigation revealed that on September 17 and between October 8, 2024, and October 19, 2024, there was unauthorized access to their network and…
Boston University and Feds Investigating Hacking of Framingham Heart Study Data
Molly Callahan reports: Boston University’s renowned Framingham Heart Study (FHS) was breached by hackers, who gained access to the data of participants—both living and deceased—of the country’s longest running, multigenerational heart study. BU officials say the hackers gained access to the study’s server, but that information technology specialists from BU and FHS were able to…
Rhode Island Residents’ Data Breached in Large Cyberattack; Data May Be Leaked Soon
Aimee Ortiz reports: The personal and private information of possibly hundreds of thousands of people who applied for government assistance in Rhode Island could be in the hands of hackers after a huge cyberattack, state officials said on Friday. The cybercriminals said to be behind the attack threatened to release the data unless they received…
Minnesota schools must report cybersecurity incidents under new law
Anna Merod reports: Dive Brief: Minnesota public school districts, charter schools and colleges must now report cybersecurity incidents such as ransomware or network attacks under a newly enacted state law. The information that schools report to Minnesota will not be shared publicly, unlike with similar statewide data breach reporting requirements in California and Maine. Instead, the information will be anonymized…
Wyden seeks stricter telecom cyber standards following Salt Typhoon breach
Martin Matishak reports: Sen. Ron Wyden on Tuesday unveiled legislation that would require the Federal Communications Commission to set cybersecurity standards for telecom companies, as the policymakers grapple with the ongoing breach of U.S. phone networks by Chinese hackers. The draft measure from the Oregon Democrat comes days after Senate lawmakers received a classified briefing about the wide-scale…