Christopher Brown reports: A hospital’s disclosure of patient health information to its charitable foundation didn’t violate the Minnesota Health Records Act, a state appellate court ruled. The MHRA permits disclosures of a patient’s health records without the patient’s consent when the disclosure is authorized in federal regulations, the Minnesota Court of Appeals said. Read more at…
Category: U.S.
Russian-speaking hackers knock US state government websites offline
Sean Lyngaas reports: Russian-speaking hackers on Wednesday claimed responsibility for knocking offline state government websites in Colorado, Kentucky and Mississippi, among other states — the latest example of apparent politically motivated hacking following Russia’s invasion of Ukraine. The Kentucky Board of Elections’ website, which posts information on how to register to vote, was also temporarily offline…
CHI Health faces ‘IT security incident’ impacting Omaha-area online systems
Molly Ashford reports: CHI Health locations in Omaha are dealing with an “IT security incident” affecting electronic health records and other systems, a spokeswoman said Monday. According to Taylor Miller, CHI’s parent company, CommonSpirit Health, was the victim of the security incident that is impacting facilities across the country. She said some information technology systems…
CT: Hamden mayor estimates $500,000 cost to address spring cyberattack
Meghan Friedmann reports: A May 26 cybersecurity event that compromised the town’s information technology system and affected government email for weeks is expected to cost the town roughly $500,000. The funds cover legal expenses, a forensics investigation, consultation services, a multi-factor authentication upgrade, security awareness training and increased storage space, according to a memorandum Mayor Lauren Garrett sent…
Why won’t they tell you that your data were leaked? Why doesn’t the government make them tell you?
For the past few years, DataBreaches has called out victims of cyberattacks who do not fully disclose how bad a breach was. Weasel words such as something “may have” happened when a victim knows damned well that it wasn’t just “may have” but did happen are just one example. Another example involves victims who claim…
VT: Randolph-area school district disables its own website following transphobic hack
Auditi Guha reports: The Orange Southwest Supervisory District’s website was hacked Saturday and inundated with “hate speech, symbols, and photographs targeting transgender invidividuals [sic],” superintendent Layne Millington wrote community members on Saturday. The incident prompted district leaders to disable its website and social media accounts, Millington wrote, and to refer the matter to local…