Sometimes (but not always), breaches have steep consequences. Catalin Cimpanu reports: Scripps Health, a California-based nonprofit healthcare provider that runs five hospitals and 19 outpatient facilities, said it expects to lose an estimated $106.8 million following a ransomware attack that hit the organization in May 2021. “Operating revenues and operating expenses for the quarter ended…
Category: Commentaries and Analyses
Dozens Of Texas School Districts Hammered By Cyberattacks, I-Team Finds
Brian New reports: A rising number of cyberattacks on Texas schools is exposing a troubling vulnerability. A CBS 11 I-Team investigation found in the past two years at least 67 school districts in Texas have suffered a cybersecurity breach. The incidents range from teachers accidentally emailing student personal information out to the whole class to…
Still Missing a New Leader, Former OCR Directors, Experts Offer Advice, Task List
Theresa Defino writes: Issue a final rule revising the privacy regulation and write guidance on the information blocking rule. Formalize the fledgling audit program required by Congress more than 10 years ago. Engage with providers and other HIPAA-regulated entities. And by all means, get cracking. In a series of interviews with RPP, two former Office for…
Hack me once, shame on you. Hack me twice, shame on me?
Alicia Hope reports: A report by Ponemon Institute and commissioned by Team Cymru found that half of the organizations surveyed experienced disruptive cyber attacks from repeat sophisticated threat actors, the majority of whose exploits were unresolved. Although organizations acknowledged experiencing disruptive attacks and from repeat offenders, total remediation was not possible. According to the report,…
Ransomware attackers claim to have stolen data from three NZ firms
Tom Pullar-Strecker reports: South Island businesses may be paying an early price for the United States’ recent successes against ransomware attackers. Evidence is emerging that ransomware criminals may be switching attacks to “soft targets” including New Zealand and Australian firms after President Biden laid down the law with Russia, experts say. A ransomware group known…
Morgan Stanley asks court to throw out data security lawsuit
Ryan W. Neal reports: Morgan Stanley has asked a New York federal court to throw out a class action lawsuit alleging the firm failed to properly wipe sensitive client information from decommissioned computer equipment that has since gone missing. The former clients cannot plausibly identify instances of personal data being accessed or misused, or any…