Tonya Riley reports: IBM Corp. and Johnson & Johnson Health Care Systems Inc. face a Florida man’s proposed class action over an August data breach that potentially exposed the personal health information of more than a half-million people. Plaintiff Jarvis Bryant Jenkins alleged the companies were negligent regarding the safety of his sensitive health records,…
Category: Subcontractor
From ransomware to attacks on vendors, school districts face multiple threats
Shirley Bilye provides an update on a ransomware attack affecting an Illinois school district: Meredosia-Chambersburg school district has been able to get most of its computer system back online after a cyberattack tried to hijack the network. Earlier this month, staff members started having problems using their computers. The screens eventually went black and the…
Illuminate Education Defeats Data Breach Lawsuit for Second Time
Christopher Brown reports: Illuminate Education Inc. defeated for the second time a proposed class action alleging it failed to protect the personal information of more than 3 million elementary and high school students, which was exposed in a December 2021 data breach. The plaintiffs failed to show that they had suffered concrete harm from the breach…
A Hacker Faked His Own Death–Then Claimed To Have Sold Marriott Customer Data To Russians, FBI Says
Thomas Brewster reports: A hacker told the FBI earlier this year that he sold access to the personal data of Marriott hotel customers on a Russian forum, according to a search warrant obtained by Forbes. He also hacked into a number of U.S. state death certificate registration agencies in an effort to fake his own demise,…
CMS Notifies Additional Individuals Potentially Impacted by MOVEit Data Breach
As part of an ongoing investigation into the May 2023 data breach of Progress Software’s MOVEit Transfer software on the corporate network of Maximus Federal Services, Inc. (Maximus Federal Services), a contractor to the Medicare program, the Center for Medicare & Medicaid Services (CMS) has learned of additional individuals whose personally identifiable information (PII) may…
Was a recent OCR settlement fair? Maybe, but maybe not.
Sometimes you think you did a good job — and sometimes you actually did do a good job compared to everyone else — but someone comes along and says what you did wasn’t satisfactory at all. And when that “someone” is the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR),…