In August, 2019, this site noted that CafePress had been hacked in February. On October 1, 2019, I shared some of the notification I had received from them via email on September 30 because I found their notification confusing. Yesterday, state attorneys general announced a settlement with CafePress, stemming from the breach. This is the…
Category: U.S.
Florida launches investigation into hacking of its servers
Bobby Caina Calvan of AP reports: Florida officials acknowledged Friday that state servers appear to have been compromised by overseas hackers who gained entry by imbedding malicious code into networking software from a Texas-based software company, SolarWinds. Two Florida officials who have knowledge of the matter but spoke on condition of anonymity because they were…
Nuclear weapons agency breached amid massive cyber onslaught
Natasha Bertrand and Eric Wolff report: The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies, officials directly familiar with the matter said. On Thursday, DOE…
NEXA Mortgage sued over broker’s alleged data theft
James Kleimann reports: In a lawsuit filed last week, a mortgage brokerage claimed that one of its former loan officers stole a database containing client names and information and brought it with him to a new job at NEXA Mortgage. Smart Mortgage, which operates in Illinois, Indiana, Colorado and Florida, filed suit against former senior loan…
MEDNAX Services notifies patients of data breach
Another business associate under HIPAA has disclosed a breach. You may not recognize their name, but they may handle your medical group’s billing or other functions, so if you get a letter from “MEDNAX,” don’t just assume it’s a scam. Florida-headquartered MEDNAX Services, Inc provides revenue cycle management and other administrative services to physician groups. …
OCR Releases Its 2016-2017 Audit Report on Health Care Industry Compliance with the HIPAA Rules
Today, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, Security, and Breach Notification Rules. The Health Information Technology for Economic and Clinical…