Two potential class action lawsuits involving data breaches have reportedly settled. One awaits final approval in October, but the other settlement is already final. University of Pittsburgh Medical Center data breach $450K class action settlement During April to June 2020, Charles J. Hilton PC (CJH), a firm hired by UPMC for billing services, allegedly suffered…
Category: Health Data
Personal and sensitive files from Tehama County Social Services leaked on dark web. Have the victims been notified?
On their dark web blog, Quantum threat actors claim to have acquired 32 GB of files from Tehama County Social Services in California. Quantum describes the files as involving information of county clients and employees: Financial information, budgets, fiscal docs, contracts, HR data, resumes, payrolls, clients personal data, scans ID, scans SSN, personal info, scans…
Goodman Campbell Brain and Spine alerts patients to ransomware attack while continuing to provide care
Yesterday, Hive threat actors added Goodman Campbell Brain and Spine to their leak site, with a notice that they had encrypted the entity on May 20. They also provided some files as proof. But if Hive hoped this would pressure the multi-location medical entity, they seem to have misjudged their Indiana-based victim. On the homepage…
Is cyberinsurance for cyberattacks becoming harder to find and more costly?
Attorney Jeff Drummond writes: News from the Cyberinsurance Market: Healthcare entities are finding that cybersecurity insurance is getting harder to find. Insurers are leaving the market, and prices are going up. Having cyberinsurance has always been a good call, from the time the insurance first hit the market, because (i) the risk is so hard to quantify,…
California Attorney General Reminds Health App Providers of Obligations to Protect Reproductive Health Information
Hunton Andrews Kurth writes: On May 26, 2022, California Attorney General Rob Bonta issued a press release reminding health app providers that California’s Confidentiality of Medical Information Act (“CMIA”) applies to mobile apps that are designed to store medical information, which includes health apps such as fertility trackers. The press release reminds health app providers that the…
Shields Health Care Group notifies 2,000,000 patients after hack
Shields Health Care Group, Inc. (“Shields”) provides management and imaging services for dozens of covered entities in New England. On March 28, 2022, Shields was alerted to suspicious activity that may have involved data compromise. Their investigation discovered that an unknown threat actor had access to certain systems between March 7 and March 21 and…