Mike Leonard reports: LabCorp’s board and top executives were hit with a Delaware lawsuit blaming them for investor losses stemming from two massive data breaches by a billing vendor that exposed the personal information of millions of patients. The derivative suit targets the medical testing giant’s directors, CEO, chief financial officer, and chief information officer. Read…
Category: Subcontractor
Massive & Unprecedented Security Breach Takes Usenet Providers Offline
Andy writes: A massive security breach has taken at least one major Usenet provider offline. UseNext says that a “security hole in a partner company” could have revealed names and bank account information, exposing customers to fraud and identity theft. The precise nature of the breach isn’t clear but reports that a Usenet client has…
(UPDATE 2 ): MO: Poplar Bluff Regional Medical Center notifying patients after tornado hits secure records service provider
I read relatively few reports of breaches due to weather-related events, floods, or fires, but when I do see them, I try to post them. This one involves a business associate that provides secure records services. A tornado struck their building in Tennessee on March 3. The disaster impacted patients in Missouri. As Poplar Bluff…
DoppelPaymer team leaks Boeing, Lockheed Martin, SpaceX, documents after Visser Precision refuses to pay
Shaun Nichols and Gareth Corfield report: Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online. The data was pilfered and dumped on the internet by the criminals behind the DoppelPaymer Windows ransomware, in retaliation for an unpaid extortion demand. Read…
An old HIPAA incident rears its very ugly head again
Like other journalists who cover data breaches in the healthcare space, I routinely check HHS’s public breach disclosure tool (sometimes called “The Wall of Shame”) to see what breaches have been reported to them and with what numbers. One of the recent entries was from a “Stephan C. Dean” who listed himself as a business…
Rogers notifies customers their personal information may have been compromised
Aisha Malik reports: Rogers has notified customers that their personal information may have been compromised in a data breach. “On February 26, 2020, Rogers became aware that one of our external service providers had inadvertently made information available online that provided access to a database managed by that service provider,” Rogers wrote on its support…