A federal grand jury returned an indictment unsealed today in Newark, New Jersey charging Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, both of Iran, in a 34-month-long international computer hacking and extortion scheme involving the deployment of sophisticated ransomware, announced Deputy Attorney General Rod J. Rosenstein, Assistant Attorney General Brian A. Benczkowski…
Category: Of Note
About 2.65M patients at Charlotte’s Atrium Health hit with third-party data breach
Caroline Hudson reports: About 2.65 million patients of Charlotte-based Atrium Health were recently hit with a data breach in which unauthorized parties gained access to their information. Hackers attempted to lift patient information over a weeklong period from Sept. 22-29. The data was stored in a third-party system provided by AccuDoc Solutions Inc., which provides…
UK’s ICO fines Uber £385,000 over data protection failings
The monetary penalties levied against ride-sharing giant Uber for covering up a 2016 breach continue to mount. From the ICO’s office: The Information Commissioner’s Office (ICO) has fined ride sharing company Uber £385,000 for failing to protect customers’ personal information during a cyber attack. A series of avoidable data security flaws allowed the personal details…
Bulgarian Prosecutors Detain Three Hackers Allegedly Involved in $5 Million Crypto Theft
Helen Partz reports: Bulgarian Gendarmerie forces and specialized prosecutors have arrested three hackers allegedly involved in stealing $5 million in crypto, Sofia-based newspaper 24 Chasa reports Monday, Nov. 26. Bulgarian police reportedly seized cryptocurrencies worth around $3 million, as well as the equipment allegedly used by the thefts, including computers, flash drives, and a hardware…
Allergy practice pays $125,000 to settle doctor’s disclosure of patient information to a reporter
From HHS, this enforcement action press release: Allergy Associates of Hartford, P.C. (Allergy Associates), has agreed to pay $125,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act…
FL: Key Dental Group notifies patients because former EMR vendor will not return patient database
The following is not your typical breach notification. It relates to a situation in which a business associate allegedly refuses to return the patient database despite its EULA and HIPAA obligation. The press release does not indicate whether the covered entity, Key Dental Group, is suing its former vendor to recover the database. Nor does…