On December 22, ProSmile Holdings, LLC in New Jersey issued a press release about a data breach. If ProSmile — a dental service organization — is a business associate or otherwise covered under HIPAA, no report from them has shown up yet on HHS’s public breach tool. They write, in part: In July 7, 2022,…
Category: U.S.
Mint Mobile discloses new data breach exposing customer data
Lawrence Abrams reports: Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator (MVNO) owned by T-Mobile, offering budget, pre-paid mobile plans. […] The customer data exposed in the breach includes:…
U.S. water utilities were hacked after leaving their default passwords set to ‘1111,’ cybersecurity officials say
Wilfred Chan reports: Providers of critical infrastructure in the United States are doing a sloppy job of defending against cyber intrusions, the National Security Council tells Fast Company, pointing to recent Iran-linked attacks on U.S. water utilities that exploited basic security lapses. The security council tells Fast Company it’s also aware of recent intrusions by hackers linked to China’s…
AbbVie files trade secrets suit against Adcentrx and former employee
Nicole DeFeudis reports: AbbVie accused a former employee and a rival oncology developer of stealing trade secrets about its antibody-drug conjugate programs. The pharma giant on Friday filed suit in California federal court against Adcentrx and scientist Danny Lee, who left AbbVie in 2021 to join Adcentrx. The complaint alleges that Lee was “in a…
Fairfax Co. concludes investigation into student data breach
Scott Gelman reports: An investigation into how Fairfax County Public Schools accidentally shared other students’ private information with a parent during a fall meeting has concluded, Superintendent Michelle Reid said in a letter to families Thursday. The external review, conducted by the law firm Woods Rogers, found that the data breach occurred because the parent…
Lovelace restores patient portal following cyberattack
Megan Gleason reports: Lovelace patients can once again schedule their appointments and refill their prescriptions online. The Lovelace Health System restored access to its patient portal, MyChart, on Thursday. The system was down following a cyberattack on Ardent Health Services, Lovelace’s parent company, detected on Thanksgiving. The inaccessible patient portal caused difficulties for some people in rescheduling…