HIPAA Journal reports that the University of Pittsburgh Medical Center (UPMC) has agreed to a $2.65 million settlement to resolve a data breach lawsuit filed by employees affected by a February 2014 data breach that resulted in many employees becoming victims of tax refund fraud. Read about the terms of the settlement on HIPAA Journal.
Category: U.S.
CA: Threat actors dump tens of thousands of driver’s license images and several thousand credit reports for customers of Walter’s Automotive Group
Credit reports for a few thousand customers of Audi Ontario and Porsche Ontario dealerships were dumped by ransomware threat actors who claim they locked Walter’s Automotive Group and exfiltrated data, but Walter’s would not respond to them. More than 22,000 driver’s license images were also in the data dump. If you bought an Audi or…
Over 80 US Municipalities’ Sensitive Information, Including Resident’s Personal Data, Left Vulnerable in Massive Data Breach
I’ve been cutting down on the number of leaks I report that just seem like attempts to get publicity for firms. But this one affects government, so I am linking to it. WizCase’s team of ethical hackers, led by Ata Hakçıl, has found a major breach exposing a number of US cities, all of them using…
NC: University of North Carolina at Chapel Hill School of Medicine and University of North Carolina Hospitals notifying some patients of breach
From a press release: On May 20, 2021, University of North Carolina at Chapel Hill School of Medicine (SOM) and University of North Carolina Hospitals learned that an unauthorized person may have gained access to a single SOM faculty member’s email account. This SOM faculty member provides clinical services at UNC Hospitals. SOM and UNC…
Ransomware attacks target Virginia Tech, no data believed stolen
Amy Friedenberger reports Virginia Tech was the target of two cyberattacks recently. The most recent attack was part of the Kaseya incident. An earlier attack in May reportedly involved an attempt to encrypt the university’s server. In neither case was there any evidence of data exfiltration. Read more on The Roanoke Times.
WI: Governor Evers Signs Law to Enhance Insurance Cybersecurity Measures
July, 15 — Madison, Wis. — Today, Governor Tony Evers signed Act 73 into law creating new cybersecurity requirements for protecting data collected by the insurance industry. “From ransomware to data breaches, insurers and consumers are at an increasing risk of experiencing a serious cybersecurity incident,” said Insurance Commissioner Mark Afable. “The new consumer protections in this Act…