Early yesterday, Change Healthcare reported that they were experiencing enterprise-wide connectivity issues. They didn’t call it a cyberattack at that point, but by mid-day, their status reports were indicating that they were experiencing “a network interruption related to a cyber security issue.” A few hours later, they added a statement, “Once we became aware of…
Category: U.S.
Hack at Services Firm Hits 2.4 Million Eye Doctor Patients
Marianne Kolbasuk McGee reports: Medical Management Resource Group, which does business as American Vision Partners, works with – and “shares” a management system, IT and infrastructure with – 12 practices, according to its website. The incident involved the hack of a network server and affected more than 2.35 million individuals, the company said in a…
Data Breach Putative Class Action Questions Whether Broker Was Swift Enough in Notice and Response
Andrea DeField and Matthew J. Revis of Hunton Andrews Kurth write: While America was tuned into the big game, one California insurance broker faced its own treacherous showdown in the form of a putative class action filed on February 8, 2024 stemming from a data breach. With cyber incidents still on the rise, this is a story…
Updating: Prince George’s County Public Schools breach affected almost 100,000
In August 2023, Prince George’s County Public Schools disclosed a cyberattack. At the time, they reported that “an estimated 4,500 user accounts out of 180,000 were impacted, primarily staff accounts. The school system is still assessing the full scope of this incident, but as of this time, the main business and student information systems –…
Ukrainian man pleads guilty in cyberattack that temporarily disrupted major Vermont hospital
AP reports: A Ukrainian man has pleaded guilty to involvement in two separate malware schemes including a cyberattack at the University of Vermont Medical Center in 2020 that temporarily shut down some of its vital services and cost it tens of millions of dollars, according to the U.S. Department of Justice. Vyacheslav Igorevich Penchukov, also…
Update on INTEGRIS Health data breach: incident response criticized by patients
In December, INTEGRIS Health disclosed a cyberattack in November in which threat actors contacted patients directly to extort them when INTEGRIS wouldn’t pay their demands. DataBreaches subsequently reported additional details. On February 6, INTEGRIS updated its breach notice. The updated website notice incorporates the kind of language that advocates for transparency and data protection may…