WebTPA is a medical claims administrator for health insurance and benefits plans. On December 28, 2023, the Texas firm discovered that they had experienced a data security incident involving certain systems on their network. Subsequent investigation concluded that an unauthorized actor may have exfiltrated personal information between April 18 and April 23, 2023. WebTPA’s clients…
Guthrie Lourdes Hospital still struggling with effects of Ascension cyberattack
Phoebe Taylor-Vuolo, Report for America corps member, reports: Guthrie Lourdes Hospital in Binghamton continues to feel the impact of a recent cyberattack on Ascension, its former parent organization. Ascension said it was hit with a ransomware attack on May 8. Lourdes was officially acquired by the Guthrie health system in February, but officials say that transition is…
Au: Electronic prescription provider MediSecure victim of ‘large-scale’ data breach, ‘personal and health information’ at risk
Daniel Jeffrey reports: Electronic prescription provider MediSecure has fallen victim to a “large scale” data breach, potentially putting Australians’ private medical information at risk and sparking a national approach from the federal government. The company released a statement on its website – which is now otherwise inactive – this afternoon confirming the breach involved “personal and…
BreachForums seized by FBI and law enforcement partners; administrator arrested (3)
It probably will not surprise anyone who has checked BreachForums recently, but there is now a seizure notice on the forum. The notice claims that BreachForums is under the control of the FBI and has been taken down by the FBI and DOJ with assistance from international partners. The forum’s owner, ShinyHunters, or whoever is…
Farley v Equiniti: an uphill battle for data breach claims
Seen on DENTONS: May 15, 2024 The landscape of data privacy claims in England and Wales has recently become more hostile to data breach claims by individuals, in the context of both representative actions (such as Lloyd v Google, which we discuss fully here) and those bringing claims in their sole names (for example, Cleary v Marston (Holdings) and Driver…
Singapore Cybersecurity Update Puts Cloud Providers on Notice
Robert Lemos writes: Lawmakers in Singapore updated the nation’s cybersecurity regulations on May 7, giving more power to the agency responsible for enforcing the rules, adopting definitions of computer systems that include cloud infrastructure, and requiring that critical information infrastructure (CII) operators report any cybersecurity incident to the government. The Cyber Security Act amendment takes…