Washington D.C., Oct. 22, 2024 — The Securities and Exchange Commission today charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also charged Unisys with disclosure controls and procedures violations….
Censys recently published a new research report that looks at exposed data on the internet involving healthcare devices and systems connected to PHI. Here’s their Executive Summary: Censys discovered 14,004 unique IP addresses exposing healthcare devices and data systems connected to potentially sensitive medical information on the public internet. These exposures greatly raise the risk of unauthorized…
Sammy Heung reports: Hong Kong’s privacy watchdog has found a prominent sports club had been in breach of privacy regulations in the run-up to a large-scale leak involving about 72,000 members’ personal information. The Office of the Privacy Commissioner for Personal Data said on Tuesday that the South China Athletic Association (SCAA) had failed to…
DataBreaches recently posted a press release from HHS OCR that announced a settlement with Cascade Eye and Skin Centers following a ransomware investigation. Theresa Defino of Report on Patient Privacy (RPP) dug into the incident and investigation more, and her reporting services as a great reminder that HHS’s press releases frequently do not really answer…
Barbara Booth reports: With ransomware attacks surging and 2024 on track to be one of the worst years on record, U.S. officials are seeking ways to counter the threat, in some cases, urging a new approach to ransom payments. Ann Neuberger, U.S. deputy national security adviser for cyber and emerging technologies, wrote in a recent Financial…
On Wednesday, the RansomHub ransomware group added a listing for DoctorsToYou in New York to their leak site. Their listing included several screencaps that revealed personally identifiable information (PII) and protected health information (PHI). Some of the files specifically showed their name or letterhead. The listing did not indicate how many GB of data RansomHub…