Commentaries and Analyses – Page 37

Another plastic surgery group has fallen victim to a ransomware attack – Long Island Plastic Surgical Group/NYSPG (2)

Posted on March 19, 2024 by Dissent

On March 8, DataBreaches learned of another attack on a plastic surgery group. This time, it was the Long Island Plastic Surgical Group, a group that has 10 locations in New York and dozens of doctors. This is another ransomware story that may have a very unhappy ending for patients and employees. Hit by Two…

The 2024 Breach Barometer reports a staggering 171 million patient records breached. And that’s just the ones we know about.

Posted on March 19, 2024 by Dissent

Each year, many news sites add up the number of reports on HHS’s public breach tool and then add up the number of records reported for those incidents. For 2023, that came to 725 reports and about 135 million records. Those numbers are disturbing, but not as disturbing as the numbers out today by Protenus….

Decreasing ransomware attacks: two strategies to consider

Posted on March 18, 2024 by Dissent

Experts agree that a ban on ransom payments should decrease ransomware attacks, but concerns about implementing any ban are not trivial. Here are two ideas to consider. Proposal 1: Increasing the Sanctions List Expanding the sanctions list to include every ransomware group with a leak site might make threat actors less likely to threaten victims…

FCC Updated Data Breach Notification Rules Go into Effect Despite Challenges

Posted on March 14, 2024 by Dissent

Hunton Andrews Kurth writes that on March 13, 2024, the Federal Communications Commission’s updates to the FCC data breach notification rules (the “Rules”) went into effect despite legal challenges. The rules were adopted in December 2023 pursuant to an FCC Report and Order (the “Order”). Their previous blog post explained the Rules: Pursuant to the…

Banning Ransom Payments: Calls Grow to ‘Figure Out’ Approach

Posted on March 8, 2024 by Dissent

Mathew J. Schwartz reports: How might banning ransomware victims from paying a ransom to their attacker work in practice? As ransomware groups are causing massive damage and disruption and showing no signs of stopping, Ciaran Martin, the former head of Britain’s National Cyber Security Center, said “it’s time to figure out how to make a ransomware payments…

HHS Statement Regarding the Cyberattack on Change Healthcare

Posted on March 6, 2024 by Dissent

March 5. The U.S. Department of Health and Human Services (HHS) is aware that Change Healthcare – a unit of UnitedHealth Group (UHG) – was impacted by a cybersecurity incident in late February. HHS recognizes the impact this attack has had on health care operations across the country. HHS’ first priority is to help coordinate…