Excellus Health Plan, Inc. has agreed to pay $5.1 million to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules related to a breach…
Joker’s Stash, the Largest Carding Marketplace, Shuts Down
Gemini Advisory reports that Joker’s Stash, the largest dark web marketplace in the underground payment card economy, has announced that it is shutting down. That’s big news. Go read it about on GeminiAdvisory.io.
Ronald McDonald House notifying almost 18,000 guests of Blackbaud breach
Those of us who frequently check state attorneys general sites are well aware that there are still many consumers and patients who are first being notified of the Blackbaud ransomware incident last year. Ronald McDonald House is well-known in the U.S., for offering housing accommodations to families who have children being treated for serious illnesses. …
Amazon’s Ring Neighbors app exposed users’ precise locations and home addresses
Zack Whittaker reports: A security flaw in Ring’s Neighbors app was exposing the precise locations and home addresses of users who had posted to the app. Ring, the video doorbell and home security startup acquired by Amazon for $1 billion, launched Neighbors in 2018 as a breakaway feature in its own standalone app. Neighbors is one…
Polish DPA fines Virgin Mobile Polska €460,000: Incidental safeguards review is not regular testing of technical measures
The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 1.9 million (EUR 460,000) on Virgin Mobile Polska for the lack of implemented appropriate technical and organisational measures to ensure the security of the processed data. UODO stated that the company infringed the principles of data confidentiality and accountability specified in…
UK: 150,000 Arrest Records Lost in Police Data Accident
Michael Behr reports: The information was deleted as part of a routine cleaning of police databases. The arrest records of around 150,000 people have been accidentally wiped from a police database. Data such as fingerprints, DNA, and arrest histories were lost last week, according to the Times, which broke the story. The Home Office has said that the…