Christopher Brown reports: A data-breach victim whose personal information was subject to actual misuse has standing to sue the entity that suffered the breach, a federal appeals court said. Plaintiff Alexsis Webb plausibly alleged an injury-in-fact sufficient to confer standing to sue Injured Workers Pharmacy Inc. based on her allegation that information stolen from the…
Category: U.S.
Paying the ransom: Hospitals face hard choices in cyberattacks | Special Report
Ron Southwick has a thoughtful piece on the complexities of deciding whether or not to pay ransom if a healthcare entity is the victim of a cyberattack. As experts comment, while most experts and law enforcement prefer victims not pay ransom, sometimes entities decide they need to do it. But what are they paying it…
At least 100,000 could have had data exposed after US health department was hit by global MOVEit cyberattack
Sean Lyngaas reports: At least 100,000 people could have had their data compromised by a hack of contractors at the Department of Health and Human Services, a department official said Thursday, making it the latest US government agency to be caught up in a sweeping cyberattack connected to Russian cybercriminals. HHS notified Congress of the breach on…
Mountain View Hospital restores clinical functions; culprit behind cyberattack still unknown
Logan Ramsey provides an update on a previously noted ransomware attack: An area hospital has been working for over a month now to resolve a cyberattack and progress is being made. Mountain View Hospital has managed to restore clinical functions for itself, Idaho Falls Community Hospital and its partner clinics. The IT team and other…
Henrietta Johnson Medical Center patients affected by breach at Delaware Health Net
CORRECTION AND UPDATE: DataBreaches has been contacted by a spokesperson for Delaware Health Information Network who says that they were not the party responsible for this breach and this site should not have linked to them and should have linked to Delaware Health Net if they were the responsible party. DataBreaches checked the medical center’s…
High school changes every student’s password to ‘Ch@ngeme!’
File this in your “You did WHAT?!” file. Lorenzo Franceschi-Bicchierai reports that after a cybersecurity audit mistakenly reset everyone’s password, Oak Park and River Forest High School in Illinois did a global replace, changing all students’ passwords to “Ch@ngeme!” to prompt them to change their password. What could possibly go wrong if you now know…