POSTED DATE: February 09, 2023 AUTHOR: Federal Student Aid ELECTRONIC ANNOUNCEMENT ID: GENERAL-23-09 SUBJECT: Updates to the Gramm-Leach-Bliley Act Cybersecurity Requirements On December 9, 2021, the Federal Trade Commission (FTC) issued final regulations (Final Rule) to amend the Standards for Safeguarding Customer Information (Safeguards Rule), an important component of the Gramm-Leach-Bliley Act’s (GLBA) requirements for protecting the…
Category: U.S.
AmerisourceBergen MWI Animal Health hit by Lorenz; Company investigating
The Lorenz ransomware group has added AmerisourceBergen/MWI Animal Health to their leak site with what teasingly appears to be a lot of data, except there is no key to unlock the leaked files. Those who want the key will have to contact Lorenz and buy the key. Lorenz did provide a file list as a…
MA: DotHouse Health discloses data breach but has yet to send letters to patients
On or about December 10, AlphV (aka BlackCat) added DotHouse Health.org to their leak site, where they attempt to pressure victims into paying any ransom demands. In this case, the threat actors did not post any proof pack, but they claimed to have infiltrated 800 GB of data from the Massachusetts HIPAA-covered healthcare provider. On…
Emailing error causes former Blue Cross Blue Shield customers to receive claims
Joseph Choi reports: Many former customers of Blue Cross Blue Shield (BCBS) health plans woke up on Friday to discover they had been notified of insurance claims despite not being covered by the provider for some time, causing concerns that a security breach could have leaked customer information. Several people on social media on Friday…
Sharp notifies nearly 63,000 patients of data breach involving payment portal
Paul Sisson reports: Sharp HealthCare, San Diego’s largest health provider, announced Monday that it has begun notifying 62,777 of its patients that some of their personal information was compromised during a hacking attack on the computers that run its website, sharp.com. Read more at San Diego Union-Tribune. Sharp’s notice can be found on their website….
Daylong 988 Suicide Line Outage Was Caused By Cyberattack
Amanda Seitz of AP reported: A cyberattack caused a nearly daylong outage of the nation’s new 988 mental health helpline late last year, federal officials told The Associated Press Friday. Lawmakers are now calling for the federal agency that oversees the program to prevent future attacks. “On December 1, the voice calling functionality of the 988 Lifeline…