Brian Krebs reports: On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised…
Hospital Not Liable for Facebook Post of Patient Medical Records
Mary Anne Pazanowski reports that once again, a court has ruled that an employer is not liable for what an employee does if they the employee was not acting within the scope of their employment duties: An Indiana hospital isn’t liable for an employee’s unauthorized actions that allegedly led to the posting of a patient’s…
Sonoma Valley Hospital Website, Email Addresses Hijacked
Jessica Davis reports on a potentially very serious cyberattack that is not the type of thing you’ll usually read on this site: Sonoma Valley Hospital was forced to give up its coveted three-letter domain name in early August after hackers hijacked its website, according to local news outlet Sonoma Index-Tribune. The website had been registered…
Feds: PainMD’s abandoned medical records at risk of being burned, shredded
Brett Kelman reports: Federal and state prosecutors have asked a judge to halt the destruction of thousands of medical records abandoned by PainMD, a Nashville-area pain clinic company that shut down earlier this year in the midst of a fraud investigation. The medical records, which could be evidence against PainMD or important to former patients, are currently stuck…
MasterCard says it’s investigating a data breach of German loyalty program
Steve Goldstein reports: MasterCard MA, -0.44% said it was investigating a data breach of a loyalty program in Germany which led to a leak of personal information, The Wall Street Journal reported. The loyalty program has been shut down, and on Wednesday, the company became aware of another file with user data, the report said….
Are thedarkoverlord’s victims entitled to damages from Athens Orthopedic Clinic? Georgia Supreme Court to rule.
Bill Rankin reports: In the spring of 2016, a cyber thief calling himself the “Dark Overlord” hacked into the databases of a Clarke County medical clinic and emerged with the personal information of an estimated 200,000 patients. The Athens Orthopedic Clinic refused to pay the hacker’s ransom and advised current and former patients to set…