It occasionally happens that a breach or incident response creates a second incident of its own. That seems to be the case with Alive Hospice, as this newest press release suggests, but does this require second notification to HHS/OCR? My first impression is that it would, but I’m interested to hear what HIPAA lawyers might…
Category: U.S.
No municipality paid ransoms in ‘coordinated ransomware attack’ that hit Texas
Catalin Cimpanu reports: A coordinated ransomware attack hit 22 Texas local governments, but none of the impacted municipalities paid ransom demands, Texas state officials said this week. Three weeks after the incident took place, the Texas Department of Information Resources (DIR) said that more than half of the impacted entities are now back to operations…
Meridian Community College discloses a breach that was discovered in January
A breach notification by Meridian Community College demonstrates once again, why entities should make determined efforts not to leave emails in employee accounts that may have personally identifiable information in attachments or the emails themselves. In this case, the types of personal information included name, Social Security number, driver’s license number, passport number, date of…
MN: Metro Mobility notifies 15,000 customers of data breach that may have exposed personal information
Chris Serres reports: A data breach at Metro Mobility, the Twin Cities transit service for people with disabilities, may have exposed the personal information of up to 15,000 individuals who use it. Metro Mobility has notified customers that an employee’s e-mail account was hacked by an unauthorized person, compromising personal ride information between June 13…
Update on Pearson Breach: Parent Files Class-Action Suit After Data Breach Exposes Nearly 1 Million Schoolchildren’s Personal Information
CBS reports: A mother filed a federal class-action lawsuit on her daughter’s behalf Thursday, after nearly a million students nationwide had their personal information exposed in a data breach by a company used to track student academic progress. The Indian Prairie School District 204 in Naperville was among the academic districts affected. The woman, identified…
Two men accused of harassing NJ police officers by posting hacked personal info online
Joshua Jongsma reports: Two New York men hacked the personal information of 50 North Jersey public employees, mostly police officers, and posted much of it online, authorities said. Evan Koulikov, 21, of Spring Valley, New York also made harassing phone calls to many of the victims, according to the Bergen County Prosecutor’s Office. Eric Williams,…