The FBI Internet Crime Complaint Center (IC3) released their annual report. Overall, the statistics and trends are pretty much what we would have expected to see from reading the news every day. Complaints about crime increased year over year for the past 5 years, with the most significant increase in number of reports occurring in…
Category: Commentaries and Analyses
Arizona Complete Health notifies plan members of Accellion breach
On February 26, Arizona Complete Health notified plan members of the Accellion breach. According to the notification (see below), the threat actors (who have since self-identified as CLOP) were able to “view or save” member information between January 7 and January 25, 2021. The types of ePHI involved included insured members’ name and one or…
Line app allowed Chinese firm to access personal user data
Catalin Cimpanu reports: In a press conference today, the Japanese government announced it was investigating the parent company behind the Line instant messaging app after a local newspaper reported that engineers at one of the app’s Chinese contractors accessed the messages and personal details of Line users. Read more on The Record.
21 months after a ransomware attack, a business associate breach first shows up on HHS’s breach tool. Here’s why.
HIPAA Journal reports on an incident that is illustrative of the challenges entities may face in the wake of a ransomware attack — determining whether a breach is a reportable incident or not. It also illustrates what may happen if an entity decides something is not a reportable breach but further investigation by the U.S….
UK: Ministry of Defence secrets exposed by people sending files to personal email accounts, documents show
Alexander Martin reports: Secret information belonging to the Ministry of Defence was exposed to hostile states when it was transferred from secure networks to personal email accounts, Sky News has learnt. Although documents obtained by Sky News were redacted to obscure the nature of the secret information, they reveal a record number of security breaches…
Assessing Damages in Data Privacy and Data Breach Class Actions Involving Health Data in the Wake of COVID-19
Vildan Altuglu, Maria Salgado, Omur Celmanbet, Rezwan Haque, and Lucia Yanguas of Cornerstone Research write: The COVID-19 pandemic, which has generated a surge in telehealth and introduced the concept of contact tracing into our daily lives, is likely to expose businesses and governments to an increased risk of data privacy and data breach class actions…