Connexin Software, a business associate to numerous pediatric practices, recently notified HHS that it experienced a breach that affected 2,216,365 patients. One thing DataBreaches noted with interest in their substitute notice below is their statement that an unauthorized individual was able to access an offline set of patient data used for data conversion and troubleshooting. …
Category: Of Note
One Brooklyn Health System offline for more than one week — has it been hit with ransomware?
If it sounds like a ransomware attack and they won’t tell you what’s going on for more than one week, I think ransomware sounds like a reasonable guess, and DataBreaches understands why some people are suggesting that. On November 25, The City reported: The computer network system at a major Brooklyn hospital network has been…
Liability for cyber attacks clarified by Ontario Court of Appeal
Molly Reynolds, Nic Wall, and Shalom Cumbo-Steinmetz of Torys LLP write: The Ontario Court of Appeal released a trilogy of decisions on November 25 on the availability of the “intrusion upon seclusion” tort in data breach class actions. At issue was whether the tort can be used against corporate defendants that had been hacked by…
Update: One week later, All India Institute of Medical Sciences (AIIMS) services still on manual system
Servers of the All India Institute of Medical Sciences (AIIMS) are still down as AIIMS works to recover from a ransomware attack. According to some sources, the attackers, who have not been named, had reportedly demanded about Rs 200 crore in cryptocurrency, but Delhi Police deny that AIIMS has reported receiving any such demand. Thirty…
Ireland’s Data Protection Commission announces decision in Facebook “Data Scraping” Inquiry
Press release: The Data Protection Commission (DPC) has today announced the conclusion to an inquiry into Meta Platforms Ireland Limited (MPIL), data controller of the “Facebook” social media network, imposing a fine of €265 million and a range of corrective measures. The DPC commenced this inquiry on 14 April 2021, on foot of media reports…
5.4 million Twitter users’ stolen data leaked online — more shared privately
Lawrence Abrams reports: Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum. Another massive, potentially more significant, data dump of millions of Twitter records has also been disclosed by a security researcher, demonstrating how widely abused this bug…