On February 18, 2019, Columbia Surgical Specialists of Spokane notified HHS of a breach impacting 400,000 patients. The incident was coded as a network/IT incident involving data on the network server. DataBreaches.net reached out to the entity for additional details concerning what we hypothesized was a ransomware attack. But despite two phone calls to the…
Category: Of Note
MI: Thousands of Mary Free Bed patients impacted by Wolverine’s ransomware incident (with updates)
Note: This post started out being about Mary Free Bed being impacted by the Wolverine Solutions breach previously discussed on this site, but as other entities affected have been identified, this post is being updated to name them. Fox17 reports on yet another victim entity caught up in the Wolverine Solutions breach: Thousands of patients…
Million-plus Israeli websites target of ransomware hack
Jewish News Syndicate reports: A massive hacking attempt to infest more than a million Israeli websites with ransomware that would lock administrators out until they agreed to pay was thwarted over Shabbat, though many pages were defaced with “Jerusalem is the capital of Palestine.” The hackers attacked the Hebrew website Nagich, which is dedicated to…
More than 5 months after ransomware incident, Wolverine Solutions Group still notifying more than 700 companies and 1.2 million patients
More than 5 months after a ransomware incident, Wolverine Solutions Group is still in the process of notifying more than 700 companies and 1.2 million patients. Should they even have to, or has the government imposed too burdensome a responsibility on entities that experience attacks to individually notify patients when there is no evidence of…
Republicans, Democrats Offer Different Views on Preemption During Senate Privacy Hearing
James Strawbridge of Covington & Burling writes: At a February 27, 2019 hearing on “Privacy Principles for a Federal Data Privacy Framework in the United States,” Republican and Democratic members of the Senate Commerce, Science, & Transportation Committee offered different perspectives on whether new federal privacy legislation should preempt state privacy laws. Chairman Roger Wicker…
NJ Measure to Expand Disclosure of Online Breaches Heads to Governor
Suzette Parmley reports that New Jersey is on the verge of expanding its breach notification law as a bill is headed to the Governor’s desk for signature. A-3245/S-52 would amend the law to include among the information triggering a notification requirement: usernames, email addresses, and any passwords or security questions and answers that would permit access…