For those who would like a timely reminder about making sure you terminate access and take control of devices immediately when an employee or contractor terminates employment, consider this press release from the Southern District of New York on May 1. Damian Williams, the United States Attorney for the Southern District of New York, announced…
Category: U.S.
United Healthcare, Optum, and Change Healthcare Involved in Northeast Ohio Neighborhood Health Data Breach
Note: Marco A. De Felice (aka @amvinfe) has been doing some great investigative blogging on ransomware groups and incidents. If you’re not checking his SuspectFile site regularly, you are missing out on some of his exclusive reporting. De Felice’s recent coverage of Medusa’s attack on Northeast Ohio Neighborhood Health (NEON) begins: Another significant data breach…
Zoom misrepresents its Global Select service, then won’t cancel and refund? An FTC complaint has now been filed.
Pop Quiz: A company misrepresents what its service can do. An innocent consumer, having relied on their claims, signs up for their service but soon discovers that it cannot do what Sales had assured them it would. Upon discovering the misrepresentation within days of subscribing to the service, the consumer immediately tries to cancel the…
FTC Finalizes Changes to the Health Breach Notification Rule
The Federal Trade Commission today announced it has finalized changes to the Health Breach Notification Rule (HBNR) that will strengthen and modernize the rule by clarifying its applicability to health apps and other similar technologies and expanding the information that covered entities must provide to consumers when notifying them of a breach of their health…
Judge Advises Dismissal of CommonSpirit Breach Lawsuit
Marianne Kolbasuk McGee reports: A second federal judge has recommended the dismissal of a second proposed class action lawsuit against Catholic hospital chain CommonSpirit over a 2022 cyberattack and data breach that affected nearly 624,000 people. Both judges said the plaintiffs failed to show how they were harmed by the breach. U.S. Magistrate Judge Susan…
Kaiser to notify millions of a data breach after sharing patients’ data with advertisers
Zack Whittaker reports: U.S. health conglomerate Kaiser is notifying millions of current and former members of a data breach after confirming it shared patients’ information with third-party advertisers, including Google, Microsoft and X (formerly Twitter). In a statement shared wcith TechCrunch, Kaiser said that it conducted an investigation that found “certain online technologies, previously installed…