Lorenzo Franceshi-Bicchierai has a follow-up to his early report on VTECH: Over the weekend, the hacker, who asked to remain anonymous, told me that VTech left other sensitive data exposed on its servers, including kids’ photos and chat logs between children and parents. This data is from the company’s Kid Connect, a service that allows parents using…
Category: Of Note
Triple-S Management Corporation Settles HHS Charges by Agreeing to $3.5 Million HIPAA Settlement
Congratulations. You’re on one of the few sites that reported on some concerning breaches in the healthcare sector involving Triple-S, a licensee of Blue Cross Blue Shield in Puerto Rico. I first reported on them in 2010, including the $100K fine they were handed, and then I reported on them twice in 2014, including when they were handed a $6.4M…
UAE: Hacker holds UAE bank to ransom, demands $3m
Mazhar Farooqui reported this on Nov. 25: A sinister cyber criminal has hacked into a Sharjah bank and is now holding it to ransom by leaking confidential data of clients on social networking and microblogging site Twitter every few hours, XPRESS can reveal. The criminal who goes by the moniker Hacker Buba and uses a…
VTECH Hack Exposes Data on More Than 200,000 Kids and Almost 5M parents (update2)
Lorenzo Franceschi-Bicchierai reports: The personal information of almost 5 million parents and more than 200,000 kids was exposed earlier this month after a hacker broke into the servers of a Chinese company that sells kids toys and gadgets, Motherboard has learned. The hacked data includes names, email addresses, passwords, and home addresses of 4,833,678 parents…
FTC files notice of appeal in FTC v. LabMD
The FTC has filed a notice of appeal in FTC v. LabMD, stating: Complaint Counsel intends to preserve and advance all arguments presented before the Administrative Law Judge at the evidentiary hearing and through Complaint Counsel’s post-trial briefs, including Complaint Counsel’s Proposed Findings of Fact and Conclusions of Law, Post-Trial Brief, Reply to Respondent’s Proposed Findings of Fact,…
Lahey Clinic Hospital settles OCR charges stemming from theft of laptop used with CT scanner
Hot off the presses: there’s been another settlement announced by OCR. This one involves Lahey Hospital and Medical Center (Lahey Clinic Hospital), who have agreed to pay $850,000 and to adopt a robust corrective action plan to correct deficiencies in its HIPAA compliance program. Lahey is a nonprofit teaching hospital affiliated with Tufts Medical School, providing primary…