Insider – Page 15 – DataBreaches.Net

Failure to terminate access can be costly. Very costly.

Posted on December 3, 2024 by Dissent

Earlier today, DataBreaches posted an HHS OCR announcement of a settlement with a HIPAA covered entity. A former contractor had accessed its electronic medical record system on three occasions without authorization to retrieve PHI for use in potential fraudulent Medicare claims. OCR imposed a monetary penalty of $1.19 million for the entity’s failure to: conduct…

HHS Office for Civil Rights Imposes a $1.19 Million Penalty Against Gulf Coast Pain Consultants for HIPAA Security Rule Violations

Posted on December 3, 2024December 3, 2024 by Dissent

In April 2019, DataBreaches reported that Gulf Coast Pain Consultants, LLC d/b/a Clearway Pain Solutions Institute had recently notified patients after discovering on February 20 that their EMR system had been accessed by a third party without authorization. At the time, they disclosed that 35,000 patients had been affected but they did not indicate that…

Information and Privacy Commissioner of Alberta Publishes 2023-24 Annual Report

Posted on November 29, 2024 by Dissent

November 27 EDMONTON – The 2023-2024 Annual Report of the Office of the Information and Privacy Commissioner (OIPC) of Alberta was tabled today by the Speaker of the Alberta Legislative Assembly and has now been published online by the OIPC. “The 2023-24 year can best be characterized as a year of change and engagement for…

ByteDance Sues Intern for $1.1 Million Over AI Sabotage

Posted on November 29, 2024 by Dissent

Here’s your frequent reminder of the insider threat. Wency Chen reports: ByteDance, the owner of TikTok and Douyin, filed a lawsuit against a former intern, accusing him of tampering with code and sabotaging an artificial intelligence (AI) training project and demanding 8 million yuan (US$1.1 million) in compensation as well as a public apology, according…

Man accused of hilariously bad opsec as alleged cybercrime spree detailed

Posted on November 26, 2024November 26, 2024 by Dissent

This is normally where DataBreaches might write, “Here’s today’s reminder of the Insider Threat,” but this time, we might add, “but not all insider threats are that sophisticated or hard to detect.” Connor Jones reports: A Kansas City man who stands accused of having a disregard for basic opsec made his first court appearance on…

Today’s reminder of the insider threat: LG Electronics USA

Posted on October 31, 2024 by Dissent

From a notification sent to the New Hampshire Attorney General’s Office by external counsel for LG Electronics U.S.A. (LGEUS): Earlier this month, in the course of investigating certain matters relating to a recent resignation by a (now former) Payroll Manager at LGEUS, the Company determined that the former employee — during the course of their…