Allie Coyne reports: The not-for-profit health fund that services Commonwealth Bank staff is warning customers not to click on dodgy emails after attackers stole customer data from one of its third-party partners. CBHS was established in 1951 by the Commonwealth Bank as a health fund for the bank’s staff. It later separated from CBA and opened up its…
Category: Subcontractor
University of Central Florida police trace credit card fraud to restaurant malware
Gabrielle Russon reports: UCF police have determined that a vendor whose restaurants had malware on its computers is the potential root of the spike in campus credit card fraud cases last month. The issue was found with AD Food Services, which operates Asian Chao, Huey Magoo’s and the Corner Café in the Student Union, the…
Feds rehire contractor linked to massive OPM data breach
Nicole Duran reports: The Obama administration has rehired an outside contractor that was partly responsible for what many think was the largest theft of personal information from the government in U.S. history, even as it continues to boast of several new steps it is taking to enhance federal cybersecurity. […] One of them is Key…
UPDATE: 5,000 Marin Medical Practices Concepts patient records lost during recovery from ransomware attack
In August, I noted a ransomware attack on Marin Medical Practices Concepts (MMPC), a business associate providing billing and EMR services to many physicians. The ransomware prevented the physicians from accessing patient records for more than 10 days, and Marin decided to pay an undisclosed amount of ransom. In an August 4 statement, however, they…
Newest OCR settlement highlights need to review and update Business Associate Agreements
A newly announced settlement between HHS OCR and Care New England reinforces what DataBreaches.net and Protenus, Inc. have been trying to remind everyone of this week: pay more attention to your business associate agreements and do so regularly. Care New England Health System (CNE), on behalf of each of the covered entities under its common ownership…
Napa Valley Dentistry notifies patients after theft of server from storage facility
A dental practice that purchased another dentist’s practice in 2012 finds itself having to notify their patients and his former patients after the theft of a server from a storage facility. In a letter to their patients and those of Dr. Justin Quinn, Dr. Justin Newberry of Napa Valley Dentistry states that on August 11, they discovered that a password-protected…