Catalin Cimpanu reports: Smartwatch and wearables maker Garmin has shut down several of its services on July 23 to deal with a ransomware attack that has encrypted its internal network and some production systems. The company is currently planning a multi-day maintenance window to deal with the attack’s aftermath, which includes shutting down its official…
Small Health Care Provider Fails to Implement Multiple HIPAA Security Rule Requirements
There’s been a rare sighting of a 2020 HHS settlement of HIPAA charges. An almost 10-year old report of what would be a relatively small breach led to an investigation that uncovered persistent failures to implement the HIPAA Security Rule. From HHS: Metropolitan Community Health Services (Metro), doing business as Agape Health Services, has agreed…
278k Instacart customer records reportedly hacked, includes order history
Ben Lovejoy reports: Some 278,531 Instacart customer records have reportedly been hacked, and are for sale on the dark web. The data includes names, email addresses, the last four digits of credit card numbers, and order histories … Instacart denies that there has been any breach, and says that if any data is real, it didn’t come…
NY Charges First American Financial for Massive Data Leak
Brian Krebs reports: In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in…
Walmart reports that some patient data may have been stolen by looters during civil unrest
I think this is the first notice I’ve seen of this kind. Notice of Data Incident A number of retail establishments across the country have recently been impacted by widespread civil unrest. On May 31, 2020, Walmart pharmacies at the following locations were impacted by this civil unrest: Store 2648 at 1919 Davis Street in…
FoxRothschild: U.S. States And Territories Data Breach Statutes (Updated)
Fox Rothschild’s Privacy and Data Security practice group maintains this searchable PDF document as well as the Data Breach 411 app to inform businesses of the breach notification statutes in each of the 50 states, Guam, Puerto Rico and the U.S. Virgin Islands, so they can better understand their rights, obligations and potential liability. Download…