From the Privacy and Data Protection Commission of Singapore, there’s an update to a breach that was previously disclosed in October 2021: A financial penalty of $58,000 and $10,000 was imposed on Fullerton Healthcare and Agape CP Holdings respectively for failing to put in place reasonable security arrangements to protect personal data belonging to Fullerton…
Category: Subcontractor
At least 100,000 could have had data exposed after US health department was hit by global MOVEit cyberattack
Sean Lyngaas reports: At least 100,000 people could have had their data compromised by a hack of contractors at the Department of Health and Human Services, a department official said Thursday, making it the latest US government agency to be caught up in a sweeping cyberattack connected to Russian cybercriminals. HHS notified Congress of the breach on…
Henrietta Johnson Medical Center patients affected by breach at Delaware Health Net
CORRECTION AND UPDATE: DataBreaches has been contacted by a spokesperson for Delaware Health Information Network who says that they were not the party responsible for this breach and this site should not have linked to them and should have linked to Delaware Health Net if they were the responsible party. DataBreaches checked the medical center’s…
HHS Office for Civil Rights Settles HIPAA Investigation with iHealth Solutions Regarding Disclosure of Protected Health Information on an Unsecured Server for $75,000
HHS has announced another Security Rule enforcement action. This one involves iHealth Solutions (dba Advantum Health), a business associate. The incident involved an unsecured server where protected health information of patients was exfiltrated. The iHealth incident had been discovered by Kromtech Security and was first reported by DataBreaches on May 9, 2017. On May 10,…
Oreo cookie maker says crooks gobbled up staff info
Jessica Lyons Hardcastle reports: Mondelez International has warned 51,000 of its past and present employees that their personal information has been stolen from a law firm hired by the Oreo and Ritz cracker giant. To be clear, the miscreants didn’t infiltrate Mondelez’s IT estate: they broke into Bryan Cave Leighton Paisner LLP‘s network. And as…
Ransomware Gang Haunted US Firms Long Before MOVEit Hack
Jamie Tarabay reports: Shell Plc, IAG SA’s British Airways, the British Broadcasting Corp., the state of Minnesota’s Department of Education, multiple federal agencies — they’re among the victims of the latest data breach launched by Clop, a Russian-speaking hacking group that’s attacking targets around the world in both the public and private sectors. The Clop gang, also known as…