Kim Phan of Ballard Spahr writes: On March 3rd, the New York Department of Financial Services (“NYDFS”) announced a settlement with Residential Mortgage Services, Inc. (“RMS”) to resolve allegations that RMS violated the NYDFS Cybersecurity Regulation relating to a 2019 cyber breach. In July 2020, NYDFS conducted an examination of RMS as a licensed mortgage…
Category: U.S.
American Armed Forces Mutual Aid Association hack impacted more than 161,000
The American Armed Forces Mutual Aid Association, a non-profit organization in Virginia that provides insurance and benefits services to the military community, is notifying 161,621 individuals of a hacking incident. On January 29, AAFMAA became aware of suspicious activity on its system. Their investigation revealed that an unauthorized party had first gained access to certain…
Some UPMC St. Margaret patients’ info shared with unauthorized organization by now-former employee
Paul J. Gough reports that an employee of UPMC St. Margaret was fired after they sent a record to an unidentified outside organization that contained patient information. A March 5th statement on UPMC’s web site reveals that on August 8, 2020, UPMC first became aware of the inappropriate disclosure of a medication administration report to an…
SC: Sandhills Medical Foundation notifies patients of vendor breach
Updated 3/6/2021: Sandhills reported this incident to Maine as impacting 39,602 patients, total. Original Post: Sandhills Medical Foundation has posted a notice of a data security incident on their web site, reproduced below. Based on the dates and description, it appears that this is the Netgain Technology LLC data breach that has previously been noted…
Idaho man charged with hacking into the computers of the City of Newnan and metro-Atlanta medical clinics
It appears that law enforcement has caught up with “Lifelock.” DataBreaches.net had reported exclusively on “Lifelock” back in April of 2018, and then again in June and July of 2018. At the time, I pointed out some of the striking similarities between “Lifelock” and “thedarkoverlord” (or the one I refer to as the first spokesperson…
CA: St. Agnes Medical Center patient data compromised in email breach at St. Alphonsus
Donald A. Promnitz reports: Saint Agnes Medical Center has experienced a cybersecurity incident that originated with a sister hospital in the Pacific Northwest. According to a media release from Saint Agnes, an employee of Oregon/Idaho-based Saint Alphonsus Health System had their email compromised by an unauthorized user. This individual used the employee’s account to send…