New Jersey psychiatry practice pays $30,000 to settle complaint about impermissible disclosure of protected health information by disclosing this information in online review Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announces a settlement with Manasa Health Center, LLC, a health care provider in New Jersey that provides…
Category: Commentaries and Analyses
Can Exposed[.]vc attract BreachForum’s loyal users? It’s trying to.
In a somewhat unusual approach to marketing, a new hacking-related forum intentionally leaked a database with the usernames and email addresses of many of the very people it hopes will register for its new forum — and then advertised the leak. How’s that working out for them so far? When RAIDForums was seized by law…
South Jersey Behavioral Health Resources discloses ransomware attack
South Jersey Behavioral Health Resources has disclosed that they were hit with a ransomware attack on April 3. They do not indicate what group attacked them, or what any ransom demand may have been, and DataBreaches has not seen this incident on any leak site to date. According to their notification, “The investigation remains ongoing,…
Mission Community Hospital attackers exploited vulnerabilites in Paragon and Cisco
As Mission Community Hospital in California continues to investigate a cyberattack in April, more details have emerged as to how the attack by RansomHouse threat actors occurred. As previously reported, the RansomHouse listing for Mission Community Hospital claimed to have 2.5 TB of data and provided some proof of claims. RansomHouse also included a note…
Update on GLBA Safeguards Rule in Higher Education
Benjamin Wanger and Pierce T. Cox of BakerHostetler write: On February 9, 2023, the Department of Education Office of Federal Student Aid (“FSA”) issued an electronic notice regarding the Federal Trade Commission’s Final Rule amending the Standards for Safeguarding Customer Information (“Safeguards Rule”) under the Gramm-Leach-Bliley Act (“GLBA”). The amendments to the Safeguards Rule, which go into…
Hong Kong privacy watchdog warns data management firm over possible exposure of credit histories of 180,000 people
Sammy Heung reports: Hong Kong’s privacy watchdog has threatened to take legal action against a data management firm for failing to protect the credit histories of about 180,000 people from unauthorised access. The Office of the Privacy Commissioner for Personal Data on Thursday said it received a complaint in December 2021 from an individual who…