Yesterday, Grass Valley in California announced they had suffered a breach last year. Their disclosure does not say when they first detected any breach, but reports that their investigation determined that unauthorized access had occurred between April 13, 2021 and July 1, 2021. After further investigation, Grass Valley discovered that the unauthorized person transferred files…
Category: Hack
Jefferson Surgical Clinic notifies 174,769 about June, 2021 data breach
If a covered entity detects a breach at the beginning of June 2021 but doesn’t notify patients until January 2022, will HHS think this is just fine? What if there was no encryption of data involved? Is it acceptable to take 7 months to notify patients if there are no unusual circumstances or request from…
Sg: OG department store customers’ personal details leaked in data breach
Rosalind Ang reports: There has been a leak of OG department store customers’ personal data such as names, mobile numbers and dates of birth, said the retailer on Thursday (Jan 6). In a statement to OG members, the department store said it was notified on Tuesday about the data breach, which affected members who are in either…
Administrative fine imposed on psychotherapy centre Vastaamo for data protection violations
A hack and extortion attempt involving the psychotherapy center in Vastaamo, Finland was — and remains — one of the worst breaches ever covered on PogoWasRight.org and DataBreaches.net because it involved the sensitive mental health information of tens of thousands of patients and a coverup by an executive of the clinic. Now EDPB has posted…
New York Attorney General James Alerts 17 Companies to “Credential Stuffing” Cyberattacks Impacting More Than 1.1 Million Consumers
NEW YORK – New York Attorney General Letitia James today announced the results of a sweeping investigation into “credential stuffing” that discovered more than 1.1 million online accounts compromised in cyberattacks at 17 well-known companies. Attorney General James released a “Business Guide for Credential Stuffing Attacks” that details the attacks — which involve repeated, automated attempts to access online…
Out with the old, in with the new? Saltzer Health, Broward Health report data breaches impacting protected health information
Saltzer Health, Idaho As 2021 wound down, Saltzer Health in Idaho reported a breach it had discovered on June 1. According to their notification, an employee’s email account had been compromised. Investigation showed the access began on May 25. On December 29, Saltzer issued a notice that disclosed the incident and reported that the types…