Columbus Regional Healthcare System (CRHS) is a non-profit organization in North Carolina licensed for 154 beds. The Daixin ransomware group claims that on May 18, they encrypted the hospital’s servers after exfiltrating data and deleting backups. A Ransom Demand and Failed Negotiations A spokesperson for Daixin tells DataBreaches that three days after they encrypted the…
Category: Federal
High court sides with Medicaid fraudster in identity theft case
Alexandra Jones reports: The Supreme Court unanimously shot down the government’s broad reading of identity theft law Thursday in a decision that will shorten the prison sentence of an Austin psychologist who defrauded Medicaid. “While the Government represents that prosecutors will act responsibly in charging defendants under its sweeping reading, this Court ‘cannot construe a…
Pacific Union College was attacked on March 27. When will they publicly admit personal info was compromised?
That Pacific Union College (PUC) experienced a cyberattack is not a secret. The college even posted a notice on their website on April 7 stating that they were experiencing “Additional complications relating to the ongoing cybersecurity issue, which has recently affected some of our internal networks, phone systems, and web services. The remainder of the…
Update on GLBA Safeguards Rule in Higher Education
Benjamin Wanger and Pierce T. Cox of BakerHostetler write: On February 9, 2023, the Department of Education Office of Federal Student Aid (“FSA”) issued an electronic notice regarding the Federal Trade Commission’s Final Rule amending the Standards for Safeguarding Customer Information (“Safeguards Rule”) under the Gramm-Leach-Bliley Act (“GLBA”). The amendments to the Safeguards Rule, which go into…
Bluefield University cyberattack affects employees, students, and some students’ parents (2)
Updated May 13: It appears that Bluefield U. has not warned students that the university’s system is still compromised and that the threat actor can see and acquire files. Yesterday, a student that DataBreaches will not name submitted a Virginia Tuition Assistance Grant application with his full Social Security number, date of birth, and other…
NIST to Finalize Special Publication (SP) 800-66 Revision 2 and Collaborate on Resources for Small, Regulated Entities
NIST to Finalize Special Publication (SP) 800-66 Revision 2 and Collaborate on Resources for Small, Regulated Entities April 25, 2023 For the past 18+ months, the National Institute of Standards and Technology (NIST), in collaboration with the HHS Office for Civil Rights (OCR), has been working to update NIST Special Publication (SP) 800-66, Implementing the Health…