Charles Toutant reports: A New Jersey hospital has been hit with six class action suits after hackers obtained patient information in a data breach. CentraState Medical Center allegedly failed to take adequate precautions to prevent such attacks, and then compounded the error by waiting six weeks to notify plaintiffs and class members about the breach,…
Category: U.S.
In updated disclosure, News Corp says state hackers were on its network for two years
Sergiu Gatlan reports: Mass media and publishing giant News Corporation (News Corp) says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020. This was revealed in data breach notification letters sent to employees affected by the data breach, who had some of their personal and health information…
Misconfiguration caused data breach affecting Stanford University PhD applicants
Sergiu Gatlan reports: Stanford University disclosed a data breach after files containing Economics Ph.D. program admission information were downloaded from its website between December 2022 and January 2023. Last week, the university sent data breach notification letters to 897 individuals who submitted personal and health information as part of the graduate application to its Department of Economics,…
True Health New Mexico settles lawsuit over 2021 ransomware incident
True Health New Mexico has agreed to a class action settlement to resolve claims that the health insurance provider failed to protect patient data from an October 2021 data breach. As reported by Top Class Actions, plaintiffs in several lawsuits claimed True Health New Mexico failed to protect their sensitive information from a ransomware attack…
KS: Hutchinson Clinic issues alert concerning December data breach
KWCH reports: A Kansas health clinic issued a notice to federal law enforcement about a data breach that happened late last year. The Hutchinson Clinic said around Dec. 21, it was made aware of suspicious activity related to its computer systems. The clinic said a hacker they labeled “an unauthorized actor” had the ability to…
L.A. Unified admits that at least 2,000 student records dumped after ransomware attack
Mark Keierleber’s article on The 74, noted on this blog yesterday and discussed by some of us on infosec.exchange, has apparently resulted in the district making some small admissions. Howard Blume reports: The Los Angeles Unified School District disclosed Wednesday that “approximately 2,000 student assessment records” were posted on the dark web as a result…