NEWARK–Attorney General Matthew J. Platkin announced today that New Jersey is co-leading, with Oregon and Florida, an overall $2.5-million settlement with EyeMed Vision Care (“EyeMed”) that resolves an investigation into a data breach that compromised the personal and medical information of approximately 2.1 million people, including more than 52,000 from New Jersey. Pennsylvania also joined…
Category: Phishing
WA: Adna School District Defrauded $346,000 in Phishing Scam
The Chronicle reports: The Adna School District was defrauded of $346,000 through what school officials have called a “sophisticated phishing scam,” according to Adna Superintendent Thad Nelson. The district announced the fraud in a detailed email to The Chronicle on Thursday, noting that after the activity was confirmed, the district notified the FBI, the Washington…
Russian hackers exfiltrated data from from Capita over a week before outage
Kevin Beaumont writes: Capita have finally admitted a data breach, but still do not think they need to disclose key details of the incident to customers, regulators, impacted parties and investors. So in this piece we shall dig into the details using open source intelligence, and prove Capita was penetrated by Black Basta ransomware group using…
Daggerfly Cyberattack Campaign Hits African Telecom Services Providers
Ravie Lakshmanan reports: Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly, and which is also tracked by the broader cybersecurity community as Bronze Highland and Evasive Panda….
Hospitals owned by Universal Health Services start filing breach reports about Adelanto HealthCare Ventures breach in 2021 (Update5)
Happening now: A number of hospitals are filing breach notices this week that appear to be linked to a breach at Adelanto HealthCare Ventures (AHCV) in 2021. The hospitals are all owned by Universal Health Services LLC (UHS). So far, DataBreaches has found McAllen Hospitals, LP d/b/a South Texas Health System, Doctors Hospital of Laredo,…
Norwegian data protection authority fines U.S. firm almost $240,000 for failure to notify within 72 hours
It’s encouraging to see breach notification deadlines taken seriously. The Norwegian Data Protection Authority has imposed a monetary penalty of NOK 2.5 million on Argon Medical Devices for breaching Article 33 (1) of the GDPR. That article requires controllers to notify the regulator of a personal data breach within 72 hours. According to Datatilsynet (the…