Community Health Network in Indiana has become the latest healthcare entity to notify patients that their protected health information was transmitted via trackers on their website from Google and Meta. Their FAQ page attempts to explain it in basic English and does a good job, but there’s no getting around this: Any individual who visited…
Category: Commentaries and Analyses
HC3 Alert on Lorenz Ransomware
HC3 has issued an alert about Lorenz ransomware. Lorenz threat actors have been mentioned on DataBreaches’ site several times since 2021. In one case they attacked and exfiltrated data of 500,000 patients of Wolfe Clinic in Iowa, and they recently posted data from Salud Family Health in Colorado. Salud has not yet reported a number…
Third Circuit Finds Standing for Victim of Data Breach, Citing ‘Imminent Harm’
Harris Freier and Avi R. Jerushalmy write: It comes as no surprise that cybersecurity is at the forefront of business owners’ minds across the globe. Corporate cyberattacks were at an all-time high last year, up 50% year over year. The Cybersecurity and Infrastructure Security Agency reported in February that it is aware of ransomware incidents against 14…
Hackers breach energy orgs via bugs in discontinued web server
Sergiiu Gatlan reports: Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector. Read more at BleepingComputer.
The LinkedIn-HiQ Labs Case and Data Scraping in the US: Some Takeaways
Odia Kagan of Fox Rothschild writes: What does the summary judgment granted to Linkedin in the famous Linkedin-HiQ Labs case teach us about data scraping in the US? Here are some of my thoughts on what the U.S. District Court for the Northern District of California ruling means. Bottom line: Summary judgment was granted to…
Farrer Park Hospital fined S$58,000 over data breach affecting medical information of 2,000 people
Louisa Tang reports in Singapore: Farrer Park Hospital has been fined S$58,000 over a data breach that led to the confidential medical information of almost 2,000 people being automatically forwarded to a third party. In a judgment dated Sep 15 and released on Friday (Nov 18), the Personal Data Protection Commission (PDPC) gave more details…