Commentaries and Analyses – Page 434

Indiana objects to proposed Equifax data breach settlement

Posted on December 10, 2019 by Dissent

According to Bloomberg Law, Indiana has filed an objection to the proposed Equifax data breach settlement. The state wants the language of the settlement changed to exclude further actions by state attorneys general, or failing that, for the court to reject the proposed settlement.

How can we screw up incident response? Let me count the ways — Monday UK Edition

Posted on December 9, 2019 by Dissent

This week, DataBreaches.net was reminded yet again of the risks of trying to alert an entity to a breach. This time, it was not me who was threatened or any of the whitehat researchers I know. This week, it was a citizen who found patient records on the street in his town and undertook to…

Medical Devices Face January 14 D-Day

Posted on December 8, 2019 by Dissent

Medlaw reports: January 14, 2020, Microsoft will stop supporting Windows 7. So what? Well, if you are in the medical community, it could mean the choice between spending big money on updating the operating systems of your medical devices or facing the constant attacks of hackers with vulnerable, out-dated software. Some hospitals have updated medical…

Russian disinformation campaign behind leak of Labour’s NHS documents, Reddit says

Posted on December 7, 2019 by Dissent

The Press Association reports: Leaked documents used by Jeremy Corbyn as proof Tories are planning to sell off the NHS have been linked to a Russian disinformation campaign on Reddit, the social media platform has said. Reddit said it had banned 61 accounts following an investigation of suspect activity. Read more on BreakingNews.ie.

Indian Airtel: Bug meant users’ personal data was found not secure

Posted on December 6, 2019 by Dissent

Shadab Nazmi reports: A bug had been found in India’s third largest mobile network which could have exposed the personal data of more than 300 million users. The flaw, discovered in the Application Program Interface (API) of Airtel’s mobile app, could have been used by hackers to access subscribers’ information using just their numbers. That…

NYC Health & Hospitals Corp. investigating alleged employee wrongdoing

Posted on December 6, 2019 by Dissent

NYC Health & Hospitals Corp. posted a notice this week (reproduced below) that suggests that a rogue employee may have been selling PHI to law firms or clinics that specialize in motor vehicle accident patients. Of note, this notice does not specify any one hospital where the employee worked. Did the employee have access to…