In recognition of National Cybersecurity Awareness Month, OCR has produced a new video this October for organizations covered under the HIPAA Rules on how the HIPAA Security Rule can help regulated entities defend against cyber-attacks. The video is available in English and Spanish. This presentation is intended to educate the health care industry on real…
Category: Commentaries and Analyses
Hackers Accessed 632,000 Email Addresses at US Justice, Defense Departments
Ari Natter reports: A Russian-speaking hacking group obtained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice as part of the sprawling MOVEit hack last summer, according to a report on the wide-ranging attack obtained through a Freedom of Information Act request. The report, by the US…
Hogan Lovell Series: “Insider Threats”
Hogan Lovells is introducing a new multimedia series: Welcome to Hogan Lovells’ The Data Chronicles, brought to you by the firm’s global Privacy and Cybersecurity practice. This multimedia series is dedicated to the ever-changing legal and regulatory developments in the world of data, privacy, and cybersecurity. Insider threat remains one of the most challenging cybersecurity…
Should Ransom Payments Be Made Illegal?
October 24, 2023 — The Ransomware Task Force was created in 2021 to bring together government, private industry and civil society to create strategies to fight cybercriminal gangs extorting organizations. This year has been challenging with rising attacks, but Megan Stifel of the Institute for Security and Technology says progress is being made. In this…
Inadequate security measures: the Guarantor sanctions an ASL. The healthcare facility had suffered a ransomware attack
The following is a Google machine translation of a post by Italy’s data protection regulator. It strikes me yet again how entities covered by the GDPR get fined for poor or inadequate security practices that should — but generally do not — incur monetary penalties here: Sanction by the Privacy Guarantor of 30,000 euros to a…
Hackers escalate: leak 200k CCSD students’ data; claim to still have access to CCSD email system
Clark County School District (CCSD) in Nevada informed parents and employees that they became aware of a “cybersecurity incident” on October 5. Three weeks later, the district had not fully recovered from the attack and parents were complaining about the district’s lack of transparency about what was stolen in the breach. Disturbingly, while the district…