This case is the stuff derisive tweeters live for. Seriously. Aetna is only making itself look worse and worse. Alison Frankel reports: Aetna has intensified its search for someone else to blame for a settlement notification fiasco that has so far put the company on the hook for nearly $20 million. Aetna stands accused, as…
Category: Of Note
New VPNFilter malware targets at least 500K networking devices worldwide
Cisco’s Talos writes: For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor’s widespread use of a sophisticated modular malware system we call “VPNFilter.” We have not completed our research, but recent events have convinced us that the correct…
Update: LifeBridge Health notifying 500,000 patients of security incident
Remember that LifeBridge Health and LifeBridge Potomac Professionals malware incident noted on this site on May 16? Baltimore Sun reports that they are notifying 500,000. Ouch.
UK: The University of Greenwich fined £120,000 by Information Commissioner for “serious” security breach
The University of Greenwich has been fined £120,000 by the Information Commissioner following a “serious” security breach involving the personal data of nearly 20,000 people – among them students and staff. It is the first university to have been fined by the Commissioner under the existing data protection legislation (Data Protection Act 1998). The investigation…
Actor Advertises Japanese PII on Chinese Underground
Kelly Sheridan reports: A dataset containing more than 200 million lines of Japanese personally identifiable information (PII) has been found on the Chinese underground market, researchers report. It’s believed the data is authentic and was exfiltrated from multiple Japanese website databases. Experts at FireEye iSIGHT Intelligence first noticed the actor advertising the dataset in December…
South Carolina Enacts First Insurance Data Security Act
Edward J. McAndrew of Ballard Spahr LLP writes: South Carolina has become the first state to enact a version of the Insurance Data Security Model Law, which was drafted by the National Association of Insurance Commissioners (NAIC) in 2017. Governor Henry McMaster signed the South Carolina Insurance Data Security Act into law on May 14, 2018. The Act…