I recently came across a breach report that is a useful reminder of the value of ensuring that business associate agreements (BAA) are in place, and that compliance with the agreements is assessed regularly. In this instance Humana, a health plan, reported that on December 22, they were notified by a business associate that an…
Category: U.S.
AZ: City of Kingman government computer system hit by cyberattack
abc15 reports: Local and federal authorities are working with the City of Kingman after the city’s government computer system was targeted by a cyberattack. According to a Sunday release from spokeswoman Colleen Haines, the city became aware of the attack “throughout the entire computer system” on Friday. The FBI, Department of Homeland Security, and Arizona…
Some San Diegans’ personal information provided to Jewish Family Service exposed online
Morgan Cook reports: Jewish Family Service of San Diego, a prominent nonprofit aid organization, exposed thousands of messages, some with identifying information from people seeking help with everything from paying rent to escaping abusive relationships. The social-services charity, which helps people in crisis regardless of their faith, learned of the data breach Monday night, after…
Universal Health Services lost $67 million in cyberattack recovery
Ginger Christ reports: Universal Health Services said Thursday that the company lost $67 million in the second half of 2020 as a result of a September cyberattack. The Sept. 29 malware attack caused King of Prussia, Pa.-based UHS to temporarily take all of its U.S. information technology networks offline, including systems for medical records, laboratories and pharmacies. Servers…
The Jones Day dump contains prescription drug records. Who’s notifying those patients of the breach?
By now, many are aware that Jones Day, a giant law firm, had some of its files stolen due to vulnerabilities in the standalone file transfer administration system by Accellion. Jones Day is one of dozens of Accellion clients that have found themselves investigating and dealing with breaches affecting their businesses and clients. The Jones…
T-Mobile discloses data breach after SIM swapping attacks
Sergiu Gatlan reports: American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks. […] In a data breach notice sent to impacted customers on February 9, 2021, and filed with US attorney generals’ offices, T-Mobile revealed that an unknown attacker gained access to customers’ account…