Here’s today’s reminder of the insider threat. We start with a notice from Geisinger about a security incident involving Nuance Communications: Nuance Communications Inc., an outside vendor that provides information technology services for Geisinger, is notifying Geisinger patients that some personal information may have been accessed by a former Nuance employee. On Nov. 29, 2023,…
Hunton Andrews Kurth writes: On June 18, 2024, the U.S. Securities and Exchange Commission (“SEC”) announced a settlement with R.R. Donnelley & Sons Co. (“RRD”), a global provider of business communication and marketing services, for violating the internal controls and disclosure controls provisions of federal securities laws in relation to Donnelley’s response to a 2021 ransomware attack….
Matt Burgess reports: Crippling ransomware attacks against hospitals and health care providers are on the rise. These ruthless cyberattacks can take medical systems offline for weeks—canceling appointments and surgeries and causing harm to patients. Doctors and nurses are plunged into crisis situations where they resort to using pen and paper, while IT staff work to make…
Alexa Lardieri reports: A cyberattack on a major American hospital system has caused dangerous medication mix ups including patients administered narcotics by mistake, leading to an admission to intensive care for life-threatening breathing difficulties. In another case, a female patient suffered a cardiac arrest and died after data mishaps delayed test results that would determine her…
Is the following case an example of insider threat or it is a whistleblower situation — or both? The U.S. Attorney’s Office of Southern Texas issued the following press release on June 17: A Houston doctor has been indicted for obtaining protected individual health information for patients that were not under his care and without…
Full Title: In the Matter of Liberty Latin America Limited, Liberty Mobile Puerto Rico Inc., Liberty Mobile USVI Inc. Document Type: Consent Decree Order Bureau(s): Enforcement Description FCC EB settles with Liberty for $100K civil penalty resolving an investigation into whether Liberty failed to report a data breach in a timely manner as required and failed…