I know we’re in the middle of a pandemic, but an incident involving Avalon Health Care Management occurred before all that. And once again, I find myself scratching my head over the timeline in a notification and how Health & Human Services/Office for Civil Rights will view the timeline in terms of compliance with the…
Category: U.S.
San Francisco Intl Airport discloses data breach after hack
Sergiu Gatlan reports: San Francisco International Airport (SFO) disclosed a data breach after two of its websites, SFOConnect.com and SFOConstruction.com, were hacked during March 2020. According to a notice of data breach sent to all SFO Airport commission employees via an internal memo, the attackers may have gained access to the login credentials of users registered on the two…
U.S. SEC settles with two traders over 2016 EDGAR filing system hack
Reuters reports: The U.S. securities regulator on Thursday said it had settled with two traders who allegedly made money trading on material nonpublic information stolen through a hack into the agency’s EDGAR electronic filing system. The traders were among several defendants charged by the agency last year for a 2016 hack that the Securities and…
Doctor’s Claims Against Employee Over Stolen Hard Drive Revived
Mary Anne Pazanowski reports: A Utah physician can proceed with several claims against a former employee who allegedly stole a computer hard drive containing patient information and used it to support a False Claims Act complaint against the physician, a federal court in the state said. Sherman Sorensen’s second amended complaint alleged enough facts to…
A Hacker’s Scheme is “Forthright;” Thus, No Computer Fraud Coverage for Ransomware Attacks
From the good-to-know dept., Timothy A. Carroll and Joshua A. Mooney of White and Williams LLP write: A computer hacker may engage in malicious and criminal conduct, but that doesn’t mean that the conduct is “fraudulent.” In G&G Oil Company v. Continental Western Ins. Co., 2020 Ind. App. LEXIS 126 (Ind. Ct. App. Mr. 31, 2020),…
ReportaClaim may need to report a leak
Pennsylvania-headquartered ReportaClaim.net describes itself as gateway for stand alone companies, professional employer organizations (PEOs), staffing companies, and their clients to submit worker injury reports. In order to do that, they necessarily collect a lot of personal and medically-related information such as the employee’s full name, the employer, the employee’s job position, the date of injury,…