Shelly Bradbury reports: A cyberattack on the Office of the Colorado State Public Defender forced the agency to shut down its computer network, locking public defenders across the state out of critical work systems and prompting attorneys to seek delays in their court cases. Office spokesman James Karbach confirmed the breach in a statement Monday,…
Category: U.S.
BakerHostetler Files Amicus Brief on Behalf of 30 Hospitals and Health Systems
BakerHostetler writes: As noted back in December 2022, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued dramatic guidance (often called the Bulletin) that targets the use of so-called Internet “tracking technologies” on the public websites of HIPAA-covered entities. Fueled by this guidance, healthcare providers have faced a dual threat…
IT suppliers hacked off with Uncle Sam’s demands in aftermath of cyberattacks
Brandon Vigliarolo reports: Organizations that sell IT services to Uncle Sam are peeved at proposed changes to procurement rules that would require them to allow US government agencies full access to their systems in the event of a security incident. The rules were unveiled in a draft update to the Federal Acquisition Regulation (FAR) that refreshes security…
Verizon insider data breach affects over 63,000 employees
Bleeping Computer reports that Verizon has notified the Maine Attorney General’s Office of an insider data breach affecting 63,206 employees. According to their sample notice of what was sent to those affected, an employee gained unauthorized access to employee data on September 21, 2023, although Verizon didn’t discover the problem until December. The types of…
Lawsuits Involving GoAnywhere Data Breach Consolidated at One Florida Federal Court
The ransomware gang known as Clop created massive headaches for numerous entities with attacks involving the exploitation of vulnerabilities in file transfer software. Since December 2020, the same gang exploited vulnerabilities in Accellion, Fortra’s GoAnywhere software, and Progress Software’s MOVEit software. Christopher Brown reports a litigation update in cases stemming from the GoAnywhere breach disclosed…
Atlanta Women’s Health Group notifying patients of April 2023 data breach
John Shirek reports that Atlanta Women’s Health Group just notified more than 30,000 patients about a data breach that occurred in April, 2023. As is too often the case, the incident resulted in the theft of patients’ protected health information. 11Alive reproduced part of the letter sent to patients, which says: “…while the unauthorized user…