Sometimes, an incident that doesn’t appear to require notification may require notification under HIPAA. In an August, 2018 incident reported on The Elkhart Truth that involved Goshen Health, the health system originally determined that no notification was required, but when forensic investigators came in months later and looked for any information that might have been…
Category: Commentaries and Analyses
Presidential Proclamation on National Cybersecurity Awareness Month, 2019
September 30, 2019 — During National Cybersecurity Awareness Month, we recognize that protecting cyberspace is essential to our national security and economic stability. We also underscore the responsibility individuals have to secure and safeguard their personal devices, technology, and networks from cyber threats. Ok, stop right there. I couldn’t even get myself to read the…
Dunkin’ Donuts says there’s ‘no basis’ for lawsuit over 2015 security incident
Catalin Cimpanu reports that Dunkin Donuts has responded to the lawsuit filed by the NYS Attorney General with a statement to them that said, in part, that there’s “absolutely no basis” for the lawsuit, and that they were “shocked and disappointed” by the New York Attorney General’s Office decision to move forward with litigation. Read…
Hearing aid manufacturer hit by cyber attack slashes profits by $95 million
Graham Cluley reports: Demant, the manufacturer of Oticon hearing aids, has said that it expects losses of up to 650 million kroner (approximately $95 million) following a cyber attack earlier this month. The company’s servers suffered what it described as a “critical incident” on September 3, disrupting the production and distribution of its products. Read…
U.S. Navy to Appoint Cyber Chief Following a Blistering Audit
Gordon Lubold and Dustin Volz report: The Navy is hiring a new cyber chief in an attempt to better shield its military secrets from Chinese hackers and other nation-state thieves who have aggressively targeted naval operations in recent years, according to Navy officials. The new position is part of a broader effort to improve cybersecurity…
Polish data protection authority issues €645,000 fine to online retailer
Jessica Belton reports: Poland’s Personal Data Protection Office (UODO) this week imposed a PLN 2.8 million (€645,000) fine on online retailer Morele.net for “insufficient organisational and technical safeguards”. The data breach affected approximately 2.2 million customers who purchased products through one of the group’s nine websites. Read more on IT Governance.