David Sun reports: Personal details of Fullerton Health customers were stolen by hackers and hawked online, after a vendor of the private healthcare group suffered a breach earlier this month. The data was put up for sale on hacking forums from Oct 11, and could be bought for US$600 (S$810) in Bitcoin. However, checks by…
Category: Subcontractor
Email breach at vendor to alliance of dental practices impacts numerous practices, more than 170,000 patients
For the second time in the past year, an alliance serving dental practices has been hit with a cyberattack. Last year’s attack impacted patients at Kids First Dentistry & Orthodontics, a subsidiary of Professional Dental Alliance of Connecticut. They reported a a ransomware attack on First Impressions Orthodontics impacted their patients. This year, a number…
DOJ Announces New Cyber-Fraud Initiative Promoting False Claims Act Enforcement Against Contractors and Grantees Failing to Follow Cybersecurity Standards
Anthony Mirenda, Stephen Garvey, and Natalie Panariello of Foley Hoag write: As we anticipated last spring, the Department of Justice (DOJ) has signaled that it will utilize civil enforcement of the False Claims Act (FCA) to address new and emerging cybersecurity threats. On October 6, 2021, Deputy Attorney General Lisa Monaco announced the launch of a new…
Popular student monitoring software could have exposed thousands to hacks
Mark Keierleber reports: A monitoring company that thousands of schools used during remote and hybrid learning to ensure students were on task may have inadvertently exposed millions of kids to hackers online, according to a September report by the security software company McAfee. The research, conducted by the McAfee Enterprise Advanced Threat Research team, discovered the…
Williamsville School employees’ private health data inadvertently leaked by Independent Health
WGRZ reports: Independent Health said Friday that the names, member ID numbers and medical information for over 500 Williamsville School District employees were accidentally released to stop loss carriers and brokers. The inadvertent breach took place between August 2019 and August 2021 and was discovered during a regular safety and security review. It did not…
NJ: Acting AG Bruck Announces Settlement with Fertility Clinic over Cybersecurity Lapses and Data Breach
There’s an update to a 2017 breach affecting patients of Diamond Institute for Infertility and Menopause. At the time, they reported a hack of a third-party server that impacted more than 14,000 patients. Today, the state of New Jersey announced a settlement in their enforcement action against the entity: NEWARK – Acting Attorney General Andrew J….