On November 11, 2024, Humboldt Independent Practice Association (Humboldt IPA) submitted a breach report to HHS that used a placeholder of 500 for the number of patients affected. All we knew from HHS’s entry was that it was some kind of hacking or IT incident involving protected health information located in email. The California entity’s…
Category: U.S.
Attorney General James Releases Statement on DOGE Access to Sensitive Personal Information
When DataBreaches said, “Send in the lawyers” to sue Musk, she was thinking of personal injury lawyers who handle data breach litigation. But 14 state attorneys general may be even better. From NYS Attorney General Letitia James: NEW YORK – New York Attorney General Letitia James today led a coalition of 14 attorneys general in…
DISA Incident: Update on Review of ‘Potentially Affected Files’ and Notification Plan
BakerHostetler writes: On Thursday, Jan. 23, DISA Global Solutions, Inc. (DISA) provided an update to customers regarding its April 2024 cyber incident, including the results of its data review and notification plans. According to DISA, its investigation determined an unauthorized third party accessed its environment between Feb. 9, 2024, and April 22, 2024, and “procured…
Almost one year later, NorthBay Health notifies 569,012 people of breach of sensitive information
While some states are decreasing the amount of time entities have to notify the state or individuals of a breach, the reality is that many entities are nowhere near complying with even more lenient deadlines. HIPAA, for example, allows entities no more than 60 calendar days from discovery of a breach (the first day they…
Ransomware attack kept ENGlobal out of some systems for 6 weeks
Jonathan Greig reports: Officials at a large energy industry and federal government contractor were locked out of company financial systems for six weeks due to a recent ransomware attack. ENGlobal Corporation revealed the extended disruptions in an update to the U.S. Securities and Exchange Commission on Monday evening. “The cybersecurity incident limited the Company’s ability to access…
Attorney General James Secures $450,000 from Companies Selling Home Security Cameras that Failed to Secure Private Videos
NYS Attorney General has been the most active state attorney general in terms of going after entities that don’t secure data properly. The following is from her latest press release: NEW YORK – New York Attorney General Letitia James secured $450,000 from three companies that distribute eufy home security video cameras for failing to secure consumers’…