AllyAlign Health (AAH), a Medicare Advantage special needs plan administrator, recently notified 76,348 members and providers of an attempted ransomware attack. But how successful were the threat actors? And what could the Virginia firm figure out and what couldn’t they figure out based on their investigation? According to AAH’s notification letter, the attack occurred on…
Category: Subcontractor
Security breach prompts lockdown of some Manitoba student databases
Josh Crabb reports: Electronic databases that contain personal information about some Manitoba students have been temporarily shut down following a security breach. The Maplewood system is run by an Ontario company and is used by 14 school divisions in Manitoba. There’s no evidence any data or personal information was compromised but some parents still have…
In a year of supply-chain attacks, do you have your business associate agreements in place?
I recently came across a breach report that is a useful reminder of the value of ensuring that business associate agreements (BAA) are in place, and that compliance with the agreements is assessed regularly. In this instance Humana, a health plan, reported that on December 22, they were notified by a business associate that an…
Your personal data may have been compromised, Malaysia Airlines tells its frequent flyer members
Shahrin Aizat Noorshahrizam reports: National carrier Malaysia Airlines informed members of its frequent flyer programme Enrich that there had been a “data security incident” at one of its third-party IT service providers. According to the airlines, the incident happened between a nine-year-period from March 2010 to June 2019. Read more on Malay Mail. The airline’s…
Israeli company engaged by Jamaica targeted by cyber crooks
Livern Barrett reports: The Jamaican Government, after months of silence, has disclosed that it has signed a five-year J$4-billion contract with the Israeli firm ELTA Systems Limited, but has sought to assure Jamaicans that they have nothing to fear. The disclosure and simultaneous assurance comes two months after a report by a technology website based…
The Jones Day dump contains prescription drug records. Who’s notifying those patients of the breach?
By now, many are aware that Jones Day, a giant law firm, had some of its files stolen due to vulnerabilities in the standalone file transfer administration system by Accellion. Jones Day is one of dozens of Accellion clients that have found themselves investigating and dealing with breaches affecting their businesses and clients. The Jones…