To follow up on two previously reported breaches involving protected health information, here are two class action settlements that involve business associates: CSI Financial Services aka ClearBalance In July 2021, DataBreaches reported a breach at CSI Financial Services, aka ClearBalance, a firm that services loans made by hospitals and providers to patients who need to…
Category: U.S.
Aeries Software settles claims over 2019 data breach
There’s an update to a 2019 data breach involving Aeries Software that impacted more than 150 school districts. Top Class Actions reports that Aeries has agreed to pay $1.75 million to resolve claims that the breach compromised personal information of San Dieguito Union High School students. The case is Gupta, et al. v. Aeries Software…
NY: Empress EMS hit by Hive ransomware
On September 9, Empress EMS in New York contacted HHS to report an incident that affected 318,558 patients. According to a notice on their website, an unauthorized individual gained access to their system on May 26 and copied what they describe as a “small subset of files” on July 13. On July 14, Empress discovered…
Fired Uber attorney testifies against ex-security chief in trial over 2016 data breach cover-up
Maria Dinzeo reports: A onetime attorney for Uber who was fired for his role in a suspected coverup of a major 2016 data breach took the stand in the criminal criminal obstruction trial of his former boss on Wednesday, testifying that ex-security chief Joe Sullivan was responsible for changes to a nondisclosure agreement with two…
Cyber Criminals Targeting Healthcare Payment Processors, Costing Victims Millions in Losses
IC3.gov PIN 20220914-001 14 September 2022 TLP: WHITE Summary The FBI has received multiple reports of cyber criminals increasingly targeting healthcare payment processors to redirect victim payments. In each of these reports, unknown cyber criminals used employees’ publicly-available Personally Identifiable Information (PII) and social engineering techniques to impersonate victims and obtain access to files, healthcare…
OIG Warns USCIS Over Unauthorized Access to Systems and Information
Kylie Bielby reports: The Office of Inspector General (OIG) says U.S. Citizenship and Immigration Services (USCIS) did not apply the access controls needed to restrict unnecessary access to its systems, networks, and information. Access controls help to limit individuals from gaining inappropriate access to systems or data. But an OIG audit has found that USCIS…