Larry Rulison reports: Lawyers for patients of Community Care Physicians that were victimized by a cyber ransomware attack last December are suing the accounting firm that the medical practice hired to protect its customer data, some of which was published online. The class-action lawsuit was filed in state Supreme Court in Albany last month against …
Category: U.S.
FTC Reaches Settlement with Kohl’s over Allegations it Failed to Provide Victims with Information Related to Identity Theft
From the FTC, this press release: Kohl’s Department Stores, Inc. has agreed to pay a civil penalty of $220,000 to settle Federal Trade Commission allegations that the Wisconsin-based retailer violated the Fair Credit Reporting Act (FCRA) by refusing to provide complete records of transactions to consumers whose personal information was used by identity thieves. In…
(UPDATED) AL: Florence city computer systems hit by cyber attack
Update: After you read the news report below, do read Brian Krebs’ report on how he had warned them that DoppelPaymer operators had compromised one of their Windows 10 systems. The city thought it dodged the bullet after responding to his alert. They hadn’t. WAFF in Alabama reports: The city of Florence confirms its computer…
PA: Everett & Hurite Ophthalmic Association discloses breach involving protected health information
From Everett & Hurite Ophthalmic Association, this breach notification: Everett & Hurite Ophthalmic Association (“EHOA”) is posting the following statement to inform our patients of a recent event that could potentially affect the security of certain information. EHOA takes this incident very seriously and we regret any inconvenience or concern this incident may cause. What…
San Francisco Employees’ Retirement System notifies employees of contractor breach
The San Francisco Employees’ Retirement System has been notifying people about a breach. From their notification, this explanation of what happened: The Retirement System contracts with vendors to provide SFERS members with on‐ line access to their account information. One of the vendors, 10up Inc., set up a test environment on a separate computer server…
University of Utah patients notified after phishing incident compromised employee email accounts
David Wells reports: Some of University of Utah Health’s patients are receiving notice that their private information may have been compromised in a recent email security breach. According to U of U Health, some of its employees’ email accounts were compromised in phishing schemes, resulting in unauthorized access of those accounts between April 6 and…