BakerHostetler writes: On Thursday, Jan. 23, DISA Global Solutions, Inc. (DISA) provided an update to customers regarding its April 2024 cyber incident, including the results of its data review and notification plans. According to DISA, its investigation determined an unauthorized third party accessed its environment between Feb. 9, 2024, and April 22, 2024, and “procured…
Category: U.S.
Almost one year later, NorthBay Health notifies 569,012 people of breach of sensitive information
While some states are decreasing the amount of time entities have to notify the state or individuals of a breach, the reality is that many entities are nowhere near complying with even more lenient deadlines. HIPAA, for example, allows entities no more than 60 calendar days from discovery of a breach (the first day they…
Ransomware attack kept ENGlobal out of some systems for 6 weeks
Jonathan Greig reports: Officials at a large energy industry and federal government contractor were locked out of company financial systems for six weeks due to a recent ransomware attack. ENGlobal Corporation revealed the extended disruptions in an update to the U.S. Securities and Exchange Commission on Monday evening. “The cybersecurity incident limited the Company’s ability to access…
Attorney General James Secures $450,000 from Companies Selling Home Security Cameras that Failed to Secure Private Videos
NYS Attorney General has been the most active state attorney general in terms of going after entities that don’t secure data properly. The following is from her latest press release: NEW YORK – New York Attorney General Letitia James secured $450,000 from three companies that distribute eufy home security video cameras for failing to secure consumers’…
Frederick Health recently identified a ransomware attack
From Frederick Health’s website: January 28, 2025 – Frederick Health Medical Group offices are open. Please be aware that you may experience delays as we continue to operate under current circumstances. In the event that your appointment cannot proceed, the office team will work with you to reschedule as soon as possible. January 27, 2025 – Frederick…
UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack
Paige Minemyer reports: Change Healthcare now estimates that 190 million people were impacted in the massive cyberattack that took down its services nearly a year ago. UnitedHealth Group, Change’s parent company, said in a statement to Fierce Healthcare that the “vast majority” of people impacted have received an individual or substitute notice about the breach….