Rebecca Smith reports: The Transportation Security Administration intends to release the first of at least two security directives that would require pipeline operators to notify it when they are targets or victims of cyberattacks, according to senior officials at the Department of Homeland Security. The action, expected this week, also will require each company to…
Having your ePHI dumped on the dark web by threat actors doesn’t necessarily give you standing to sue
In May, 2020, Assured Imaging in Arizona experienced a ransomware attack that they revealed in August, 2020.The incident reportedly impacted 244,813 patients. The data dump by the Pysa threat actors contained a lot of ePHI that appeared to be mostly mammography pre-screening histories or forms with data types such as medical record number, names, addresses,…
Law Firm Responds To Data Breach Claim By… Leaking Data. Checkmate!
Joe Patrice reports: Law firms must always be supremely cautious with private information, but you can’t help but think a firm would add that little extra attention to the task when their client has already been sued for a data breach. Not only would another leak damage the client’s reputation further, you already know that…
Bengaluru civic body faces flak over data breach of Covid patients
Devina Sengupta&Akshatha M report: Covid-19 data records of those who have tested in Bengaluru were out in the public domain for some time, which is a clear violation of IT rules around data privacy and can lead to misuse of the information, experts have said. Free Software Movement of India, a coalition of organisations working on data privacy, on Tuesday…
AEON Clinical Laboratories (Peachstate) Pays $25,000 to Settle Potential HIPAA Security Rule Violations
Peachstate Health Management, LLC, doing business as AEON Clinical Laboratories (Peachstate), has agreed to pay $25,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. …
Mercy University Hospital secures court injunction against ransomware hackers
Aodhan O’Faolain reports: A Cork-based hospital has secured injunctions from the High Court restraining any sharing, processing, selling or publishing of data believed stolen from its computer systems in the cyberattack. The orders were made in favour of the Mercy Hospital Cork against “persons unknown” responsible for accessing the hospital’s IT system, that is separate…