Although some members of the public may not realize it, not all U.S. medical practices or practitioners are covered by HIPAA. But for entities that are regulated by HIPAA, HIPAA has some requirements for notifying patients about reportable breaches. The first thing to understand is that for regulated entities, a breach is considered “discovered” on…
FMS: YAP Health Services disrupted by ransomware attack
The state of Yap is one of the four states that make up the Federated States of Micronesia, along with the states of Pohnpei, Chuuk and Kosrae. Yap is the Western-most island in the FSM, located about midway between Guam and Palau. From the YAP Health Services Facebook Page on March 12: Cyberattack Disrupts Yap…
South Korea: Modetour Network fined 740 million won for hacking incident; Meta loses appeal of 6.7 billion won fine
There are two cases in South Korean news this week of note here today involving enforcement actions by South Korea’s Personal Information Protection Commission. One involves a travel agency, Modutour. The other involves a court decision about Meta’s data sharing. Modutour Network Fined by PIPC Yun Ye-won reports that Modutour Network, which neglected safety measures…
#StopRansomware: Medusa Ransomware
Release Date: March 12, 2025 Alert Code: AA25-071A Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect…
Takeaways from our investigation on AI-powered school surveillance
Sharon Lurye of The Associated Press and Claire Bryan of The Seattle Times report: Thousands of American schools are turning to AI-powered surveillance technology for 24/7 monitoring of student accounts and school-issued devices like laptops and tablets. The goal is to keep children safe, especially amid a mental health crisis and the threat of school shootings. Machine-learning algorithms detect potential indicators of problems…
Pinehurst Radiology Associates remains closed more than 1 month after cyberattack
Marty Stempniak reports: An East Coast imaging group remains closed more than one month after a cyberattack, according to reports from local media. Pinehurst Radiology Associates recently gave notice of the incident, launching an investigation amid suspicious activity on its network. Located in the Sandhills of North Carolina’s Moore County, the practice hired legal counsel…