December appears to have been a rough month for Blue Cross Blue Shield of Michigan. Yesterday, I discovered that they had a second breach that was disclosed last month, although it seems to have flown under most media radar. The first breach, fairly widely reported already, involved a laptop stolen from a subsidiary’s employee that…
Category: U.S.
Ransomware, phishing attacks top new HHS list of cyberthreats in healthcare
Eli Richman reports: Email phishing attacks, ransomware attacks and attacks against connected medical devices are among the greatest cyberthreats that health systems need to protect against, according to new cybersecurity guidance for health systems from the Department of Health and Human Services.Released last week, the Health Industry Cybersecurity Practices were released to help the industry identify…
Data leak shuts down Alaska’s PFD application website
KTUU reports that Alaska’s Permanent Fund Dividend web site is down and will remain down for now while the state investigates and remediates a data leak. ANCHORAGE, Alaska (KTUU) — Update: 10:27 p.m.:The Alaska Department of Revenue will not reopen the Permanent Fund Dividend application website until the integrity of filer information can be guaranteed, according…
Ohio Moves on Insurance Cybersecurity
Josephine Cicchetti of Carlton Fields writes: Ohio has joined South Carolina in becoming the next state to adopt a variation of the NAIC Insurance Data Security Model Law (“MDL-668”). This legislation makes a number of changes to Ohio’s insurance law, including the addition of a new Chapter 3965, which establishes “standards for data security and…
Six years after massive data breach, SC still fixing security, but ends victim credit monitoring
Andy Shain reports: Six years after one of the nation’s worst data breaches, South Carolina efforts to protect computer records from hackers remain a work in progress, but that did not prevent the end of free credit report monitoring for millions of taxpayers whose information was stolen. […] No arrests have been made in the…
State Data Breach Notification Laws: 2018 in Review
Caleb Skeath and Brooke Kahn of Covington & Burling provide a useful recap of changes in 2018 that will impact us in 2019: …. Following up on our global year-end review of major privacy and cybersecurity developments, we’ve summarized the major developments and trends observed with regards to state data breach notification laws over the past…