So if you want to prove a hacking bill is a bad idea, engaging in black hat/grey hat activities may not be the best way to persuade people. Tom Corwin reports: A hacking group upset with Georgia legislation that could criminalize what they do targeted Georgia Southern University and two Augusta restaurants in an ongoing…
Category: U.S.
A Notice Regarding a Recent Data Security Incident Affecting Boise State University students
For those keeping track: we had this incident filed solely under Fresno State, but had counted it in those incidents involving health/medical info. The incident had been included in our March 2018 analyses. — DataBreaches.net Boise State University received notice recently from Fresno State University that a theft on their campus may have potentially involved…
Supreme Court to rule in Google referrer header privacy settlement case
David Zwier reports: The US Supreme Court granted certiorari [order list, PDF] in three cases Monday, including a dispute over a settlement in a Google privacy case and a Missouri death penalty case. In Frank v. Gaos [docket; cert. petition, PDF], the question before the court is, “in what circumstances a cy pres award of…
NE: Complete Family Medicine advises patients of burglary
From their public notice: On March 1, 2018, the offices of Complete Family Medicine, LLC were burglarized. Later the same day, Complete Family Medicine discovered that the perpetrators stole numerous items including a computer component of a medical device used to conduct EKGs and uncashed patient checks that were stored in a locked safe. Law…
Palos Heights doctor indicted for insurance fraud; misused patient info
Mike Nolan reports: A suburban physician was indicted on federal fraud charges for allegedly pocketing nearly $1 million in payments from Medicare and a private insurer for nonexistent treatment, the U.S. attorney in Chicago announced Friday. The 12-count indictment against Pranav Patel, owner of Palos Medical Care in Palos Heights, alleges he submitted fraudulent claims…
WHEN do you have to notify by? State laws vary.
MintzLevin has updated its state data breach law matrix, as I noted previously on the page where I link to such resources. Here’s an excerpt from their matrix: Breach Notification Timeline Time After Discovery of Breach Action Required 10 Calendar Days Puerto Rico Department of Consumer Affairs 14 Business Days Vermont AG preliminary…