In the past year, we have seen a significant increase in the use of dedicated leak sites where ransomware threat actors post the names of victims and dump some of their data to pressure them to pay demanded ransom. In the U.S., HIPAA gives covered entities no more than 60 days from discovery of a…
Category: U.S.
UVM Hospital Network Hit by Cyber Attack Restoring Services
NECN reports: Computer experts at the University of Vermont Medical Center are working to restore systems disabled in a cyberattack that have hurt the hospital’s ability to provide some cancer treatments. Officials are working to expand the capacity to provide chemotherapy at the UVM Medical Center in Burlington to seven days per week and three…
NYS Comptroller Audit of Susquehanna Valley Central School District IT Controls
It almost seems surreal to discuss a routine school audit in the midst of all the news right now, but here we go… The NYS Comptroller’s Office released its report on Susquehanna Valley Central School District to determine whether district officials established information technology (IT) controls over user access to protect against unauthorized use, access…
Mayo Clinic faces lawsuit in breach of patients’ health records
Not surprisingly, Mayo Clinic is facing a lawsuit over an insider-wrongdoing (snooping) breach that was disclosed last month. Jim Spencer reports: Patients whose medical records were improperly accessed by a former Mayo Clinic employee are attempting to mount a class-action lawsuit against the health care provider for failing to protect their sensitive personal data. The…
Alamance Skin Center reports ransomware attack
Andy Warfield reports: A Cone Health medical practice has been hit by a ransomware cyber attack. The Greensboro-based health system announced this week that on Oct. 21, Alamance Skin Center in Burlington was the victim of a phishing scam or brute force attack used to gain access to the system. Read more on BizJournals.
Club Fitness Provides Notice of Data Security Incident
A press release discloses a breach involving Club Fitness Holdings, Inc. (“Club Fitness”): On June 18, 2020, Club Fitness discovered a data security event that prevented access to data and programs on its network. Upon learning this, Club Fitness immediately began an investigation, and took action to secure and restore access to its network. Club Fitness…