HIPAA Journal reports: An audit of Connecticut’s Health Insurance Exchange, Access Health CT, by the state auditor has revealed Access Health CT suffered 44 data breaches over the last 3.5 years that had not been fully reported and that sufficient steps had not been taken to safeguard sensitive data. The Connecticut Health Insurance Exchange acts…
Category: U.S.
Block confirms Cash App breach after former employee accessed US customer data
Carly Page reports: Block has confirmed a data breach involving a former employee who downloaded reports from Cash App that contained some U.S. customer information. In a filing with the Securities and Exchange Commission (SEC) on April 4, Block — formerly known as Square — said that the reports were accessed by the insider on December 10. “While this…
55,000 there, 190,000 there, 1.8 million there, and the breaches roll on…
Taylor Regional Hospital in Kentucky recently notified 190,209 patients of breach that they identified in January. An investigation determined that an unauthorized person had gained access to their network between November 2, 2021 and January 19, 2022, and obtained certain files from their systems containing patients’ names, and one or more of the following: address,…
Rattled by RIPTA breach that affected 22,000, lawmakers propose policy changes
Antonia Noori Farzan reports: Lawmakers say that last year’s breach of Rhode Island Public Transit Authority computer systems highlighted glaring problems with the way the state responds to the theft of people’s personal data. […] DiPalma’s bill, S 2664, is designed to expand the protections and reporting requirements outlined in the Identity Theft Protection Act of 2015. A companion bill, H…
Solar Winds can’t dodge investor suit over massive cyberattack
Stephen Paulsen reports: An Austin-based tech company may be liable to investors after it suffered a major security breach that caused its stock price to plummet, a federal judge ruled. Although that company, SolarWinds, was itself a victim of the breach, the company may had acted recklessly in protecting its software, U.S. District Judge Robert Pitman…
Eight years later, University of Pittsburgh Medical Center breach victims will finally settlement checks
Paula Reed Ward reports: UPMC on Thursday will begin making payments to 66,000 employees who were victims of a 2014 data breach — as part of a settlement approved late last year. Employees were notified via an email on Monday that they will receive a payment notification with a link to claim it electronically. They…