Zack Whittaker reports: U.S. health conglomerate Kaiser is notifying millions of current and former members of a data breach after confirming it shared patients’ information with third-party advertisers, including Google, Microsoft and X (formerly Twitter). In a statement shared wcith TechCrunch, Kaiser said that it conducted an investigation that found “certain online technologies, previously installed…
Category: U.S.
Two ransomware attacks in 2023 first disclosed in April — Kisco Senior Living, Blackstone Valley Community Health Care (1)
Two more ransomware incidents that occurred in 2023 were disclosed this week. One was disclosed 10 months after the incident, and the other was disclosed 5 months after the incident. Kisco Senior Living On or about June 15, 2023, BlackByte claimed responsibility for a ransomware attack on Kisco. This week, Kisco filed a notification with…
Cyberattack on Change Healthcare has scammers targeting Nebraska patients
Abigail Carrera reports: A recent cyberattack on Change Healthcare has resulted in scammers targeting Nebraska patients. Bryan Health has received multiple reports of scammers reaching out to patients claiming to be representatives from hospitals across Nebraska and surrounding areas. Scammers are reportedly telling patients they’re entitled to a full refund if they provide them with a credit…
Valley Mountain Regional Center discloses a breach, but are patients still in the dark? (1)
In November 2021, Valley Mountain Regional Center (VMRC) notified HHS that multiple employees were the victims of a phishing scheme that compromised the protected health information (PHI) of 17,197 individuals. They notified HHS, affected individuals, media, and provided substitute notice. HHS reports, “In its mitigation efforts, the Business Associate strengthened its technical safeguards to better…
Resource: U.S. State Data Breach Notification Laws
There’s an update to Foley & Lardner’s resource on U.S. state data breach notification laws. They explain what their resource applies and what it doesn’t apply to: While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches…
NYS Legislature’s bill drafting office is dealing with cyberattack
NBC reports: The New York State Legislature’s bill drafting office is dealing with a cyberattack. State officials reported their system has been down since early Wednesday morning. According to the New York Times, Gov. Kathy Hochul says this could stall operations and workers might have to use computer systems that are nearly 30 years old….