New Jersey psychiatry practice pays $30,000 to settle complaint about impermissible disclosure of protected health information by disclosing this information in online review Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announces a settlement with Manasa Health Center, LLC, a health care provider in New Jersey that provides…
Category: U.S.
South Jersey Behavioral Health Resources discloses ransomware attack
South Jersey Behavioral Health Resources has disclosed that they were hit with a ransomware attack on April 3. They do not indicate what group attacked them, or what any ransom demand may have been, and DataBreaches has not seen this incident on any leak site to date. According to their notification, “The investigation remains ongoing,…
Canopy Children’s Solutions continues to investigate ransomware attack in April
In early May, a new group of threat actors known as Nokoyawa added Canopy Children’s Solutions in Mississippi to their leak site. On June 2, Mississippi Children’s Home Society, CARES Center, Inc., Mississippi Children’s Home Services, Inc., d.b.a. Canopy Children’s Solutions (“Canopy”) a press release acknowledging that on April 4, they experienced an attack that…
Hackers Using MOVEit Flaw to Deploy Web Shells, Steal Data
Exploiting vulnerabilities in file transfer software for businesses and medical practices can result in a treasure trove of valuable data and the opportunity to try to extort oh, so many victims. First it was an Accellion vulnerability, exploited by Cl0p (past coverage). Then it was a Fortra GoAnywhere vulnerability, exploited by Cl0p (past coverage). Now…
Update on GLBA Safeguards Rule in Higher Education
Benjamin Wanger and Pierce T. Cox of BakerHostetler write: On February 9, 2023, the Department of Education Office of Federal Student Aid (“FSA”) issued an electronic notice regarding the Federal Trade Commission’s Final Rule amending the Standards for Safeguarding Customer Information (“Safeguards Rule”) under the Gramm-Leach-Bliley Act (“GLBA”). The amendments to the Safeguards Rule, which go into…
Middlesex Co. Public Schools confirms ransomware attack
Jimmy LaRoue reports: The superintendent for Middlesex County Public Schools confirmed Thursday that the school division was the subject of a recent ransomware attack. “We can confirm that Middlesex County Public Schools recently suffered a ransomware attack,” said Superintendent Dr. Tracy Seitz in a statement to 10 On Your Side. “We took immediate action to…