Reuters reports: Planned Parenthood’s Los Angeles clinics suffered a ransomware attack in October and personal information of 400,000 patients was stolen, a spokesperson for the women’s reproductive healthcare organization said on Wednesday. Spokesperson John Erickson said an “unauthorized person” gained access to the Los Angeles affiliate’s network between Oct. 9 and 17 and installed ransomware…
Category: U.S.
UK watchdog’s punishment for Blackbaud, Easyjet, other big privacy lawbreakers was slap on the wrist in private
Gareth Corfield reports: Blackbaud was given a private slap on the wrist by the UK’s Information Commissioner’s Office (ICO) after paying off criminals who stole users’ financial data from the cloud CRM biz’s servers. The astonishingly mild sanction was revealed in a Freedom-of-Information response after senior data protection specialist Jon Baines at London law firm Mishcon de Reya asked…
Vendors and HIPAA
Matt Fisher of Carium writes: An important part of establishing strong security for an organization rests with how it interacts with its vendors. The creation of a chain of entities creating, interacting with, storing, or otherwise handling sensitive patient information starts at the top, but can easily and frequently go down many layers. Given the…
Quest’s ReproSource faces patient lawsuit over data breach impacting 350K patients
Jessica Davis reports: One month after notifying 350,000 patients of a potential theft of their protected health information, ReproSource Fertility Diagnostics has been sued by a patient over alleged security failings. ReproSource is a clinical laboratory for fertility specialists and a subsidiary of Quest Diagnostics. First disclosed Oct. 8, an attacker hacked into the ReproSource network in…
SUNY Geneseo student to face hacker in court two years after explicit photos were leaked
Carla Rogner reports: Natalie Claus is looking forward to graduating from SUNY Geneseo in December, but first she is focusing on another date on her calendar. On Wednesday, Claus will face a stranger in court, David Mondore, who hacked her snapchat account in December 2019 and sent an explicit photo saved in her private folder to…
Medsurant Health discloses ransomware incident, but not yet notifying patients
Medsurant Health in Pennsylvania recently notified HHS that 45,000 patients were impacted by a breach. The patients are not yet being notified, however, because it seems Medsurant is still trying to figure out who needs to be notified. In a statement published November 29, Medsurant stated that they received an email from a threat actor…