On February 26, Arizona Complete Health notified plan members of the Accellion breach. According to the notification (see below), the threat actors (who have since self-identified as CLOP) were able to “view or save” member information between January 7 and January 25, 2021. The types of ePHI involved included insured members’ name and one or…
Category: Commentaries and Analyses
Line app allowed Chinese firm to access personal user data
Catalin Cimpanu reports: In a press conference today, the Japanese government announced it was investigating the parent company behind the Line instant messaging app after a local newspaper reported that engineers at one of the app’s Chinese contractors accessed the messages and personal details of Line users. Read more on The Record.
21 months after a ransomware attack, a business associate breach first shows up on HHS’s breach tool. Here’s why.
HIPAA Journal reports on an incident that is illustrative of the challenges entities may face in the wake of a ransomware attack — determining whether a breach is a reportable incident or not. It also illustrates what may happen if an entity decides something is not a reportable breach but further investigation by the U.S….
UK: Ministry of Defence secrets exposed by people sending files to personal email accounts, documents show
Alexander Martin reports: Secret information belonging to the Ministry of Defence was exposed to hostile states when it was transferred from secure networks to personal email accounts, Sky News has learnt. Although documents obtained by Sky News were redacted to obscure the nature of the secret information, they reveal a record number of security breaches…
Assessing Damages in Data Privacy and Data Breach Class Actions Involving Health Data in the Wake of COVID-19
Vildan Altuglu, Maria Salgado, Omur Celmanbet, Rezwan Haque, and Lucia Yanguas of Cornerstone Research write: The COVID-19 pandemic, which has generated a surge in telehealth and introduced the concept of contact tracing into our daily lives, is likely to expose businesses and governments to an increased risk of data privacy and data breach class actions…
A Hacker Got All My Texts for $16
If this story doesn’t scare you, I don’t know what will. Joseph Cox reports: I didn’t expect it to be that quick. While I was on a Google Hangouts call with a colleague, the hacker sent me screenshots of my Bumble and Postmates accounts, which he had broken into. Then he showed he had received…