Category: U.S.

Two ransomware attacks in 2023 first disclosed in April — Kisco Senior Living, Blackstone Valley Community Health Care (1)

Posted on by Dissent

Two more ransomware incidents that occurred in 2023 were disclosed this week. One was disclosed 10 months after the incident, and the other was disclosed 5 months after the incident. Kisco Senior Living On or about June 15, 2023, BlackByte claimed responsibility for a ransomware attack on Kisco.  This week, Kisco filed a notification with…

Read more

Cyberattack on Change Healthcare has scammers targeting Nebraska patients

Posted on by Dissent

Abigail Carrera reports: A recent cyberattack on Change Healthcare has resulted in scammers targeting Nebraska patients. Bryan Health has received multiple reports of scammers reaching out to patients claiming to be representatives from hospitals across Nebraska and surrounding areas. Scammers are reportedly telling patients they’re entitled to a full refund if they provide them with a credit…

Read more

Valley Mountain Regional Center discloses a breach, but are patients still in the dark? (1)

Posted on by Dissent

In November 2021, Valley Mountain Regional Center (VMRC) notified HHS that multiple employees were the victims of a phishing scheme that compromised the protected health information (PHI) of 17,197 individuals. They notified HHS, affected individuals, media, and provided substitute notice. HHS reports, “In its mitigation efforts, the Business Associate strengthened its technical safeguards to better…

Read more

Resource: U.S. State Data Breach Notification Laws

Posted on by Dissent

There’s an update to Foley & Lardner’s resource on U.S. state data breach notification laws. They explain what their resource applies and what it doesn’t apply to: While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches…

Read more