From the U.S. Department of Justice, February 18, 2025 Note: View the settlement agreement here. Health Net Federal Services Inc. (HNFS) of Rancho Cordova, California and its corporate parent, St. Louis-based Centene Corporation, have agreed to pay $11,253,400 to resolve claims that HNFS falsely certified compliance with cybersecurity requirements in a contract with the U.S. Department…
Category: U.S.
Ransomware attack affects Michigan casinos and tribal health centers
On February 15, the RansomHub ransomware group claimed responsibility for an attack on the Sault Ste. Marie Tribe of Chippewa Indians. RansomHub claims to have “temporarily locked” the tribe’s infrastructure and to have acquired 119 GB of files (501, 211 files). The affected systems reportedly include casinos, convenience stores, government buildings, and telecommunications services, but…
Bill raising the bar for class-action suits in data breach incidents advances
Rural Radio reports: A measure that would raise the bar for filing class-action lawsuits in state courts against private entities that suffer a cybersecurity breach has received first round approval in the Nebraska Legislature. Lawmakers spent a considerable amount of floor debate Tuesday and today discussing LB 241, which would require willful, wanton, or gross…
Virginia AG’s office says it was struck by ‘sophisticated cyberattack’
Laura Vozzella reports: A “sophisticated cyberattack” struck the offices of Virginia Attorney General Jason S. Miyares on Wednesday, forcing the agency to shut down computer systems and resort to paper court filings as Virginia State Police and the FBI investigate. “Unfortunately our agency has been the victim of what appears to be a sophisticated cyberattack,”…
School board approves letter to AG for PowerSchool data breach
Caleb M. Soptelean, The Sanford Herald, N.C. reports: The Lee County Schools Board of Education has requested that the North Carolina Attorney General pursue legal action against PowerSchool over a nationwide data breach that occurred late last year. The school board voted unanimously to send a letter to the AG, which was requested by board…
Humboldt Independent Practice Association’s breach notification leaves questions unanswered
On November 11, 2024, Humboldt Independent Practice Association (Humboldt IPA) submitted a breach report to HHS that used a placeholder of 500 for the number of patients affected. All we knew from HHS’s entry was that it was some kind of hacking or IT incident involving protected health information located in email. The California entity’s…