OCR has announced another settlement. This one involves Sentara Hospitals, and it’s a somewhat surprising one in the sense that Sentara not only seems to have gotten the fundamentals of HIPAA and notification compliance wrong, but then they seem to have insisted in their wrongheaded ways even after HHS told them what their obligations were. …
Category: Of Note
District Court (NY) Says It’s Powerless to Approve Class Settlement Arising Out of Data Breach Due to Lack of Art. III Cognizable Injury
Scott J. Hyman of Severson & Werson PC writes: In Steven v. Carlos Lopez & Assocs., No. 18-CV-6500 (JMF), 2019 U.S. Dist. LEXIS 203621 (S.D.N.Y. Nov. 22, 2019), Judge Furman declined to approve settlement of a data breach class due to the absence of Art. III standing. From the opinion: In June 2018, an employee…
Allied Universal Breached by Maze Ransomware, Stolen Data Leaked
Lawrence Abrams reports: After a deadline was missed for receiving a ransom payment, the group behind Maze Ransomware has published almost 700 MB worth of data and files stolen from security staffing firm Allied Universal. We are told this is only 10% of the total files stolen and the rest will be released if a…
Authorities Arrest Suspected Jack Dorsey Hacker
Joseph Cox reports: Authorities have arrested an individual who is allegedly part of The Chuckling Squad, a hacker group that in August compromised the Twitter account of Twitter CEO Jack Dorsey, according to law enforcement and criminal sources. The group also claimed responsibility for hacks of other celebrities, including actress Chloë Grace Moretz. The alleged member was arrested…
110 Nursing Homes Cut Off from Health Records in Ransomware Attack; Attackers Demand $14M in BTC
Brian Krebs reports: A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. The ongoing attack is preventing these care centers from accessing crucial patient medical records, and the IT company’s owner says she fears this…
Yet another city reports a Click2Gov breach
Another city has reported a breach involving Click2Gov software by CentralSquare Technologies. WTVY reports Dothan, Alabama has joined more than four dozen other cities using Click2Gov that have experienced breaches involving payment card data of residents using online payment portals: “It has come to the City of Dothan’s attention that CentralSquare, the third-party processor of…