June 13 – Michelle Shropshire, 54, of Waldorf, Maryland, and Harlisha Jones, 49, of Clinton, Maryland, and Washington, DC, were arrested this morning on health care fraud, wire fraud, mail fraud, aggravated identity theft, and conspiracy charges filed in U.S. District Court. According to the indictment, from June 2021 through January 2024, Shropshire and Jones,…
Washington Post investigating cyberattack on journalists, WSJ reports
Reuters reports: A cyberattack on the Washington Post compromised the email accounts of several journalists and was most likely the work of a foreign government, the Wall Street Journal reported on Sunday. Matt Murray, the Washington Post’s executive editor, said in an internal memo that the breach was discovered on Thursday and an investigation had…
Resource: State Data Breach Notification Laws – June 2025
For a summary of basic state notification requirements that apply to entities who “own” data, download Foley & Lardner’s State Data Breach Notification Laws Chart. They write: This chart is current as of June 2, 2025, and should be used for informational purposes only because the recommended actions an entity should take if it experiences a…
WestJet investigates cyberattack disrupting internal systems
Lawrence Abrams reports: WestJet, Canada’s second-largest airline, is investigating a cyberattack that has disrupted access to some internal systems as it responds to the breach. “WestJet is aware of a cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users,” reads a security advisory on WestJet’s site. “We have activated specialized…
Plastic surgeons often store nude photos of patients with their identity information. When would we call that “negligent?”
Claims of “negligence” are often raised in lawsuits. DataBreaches is not a lawyer, of course, but wonders whether by now, we should consider a plastic surgeon “negligent” in their data security if they store nude photos of their patients with patient names and identity information in plain text and no strong encryption or suitable alternative…
India: Servers of two city hospitals hacked; police register FIR
The Times of India reports: New Delhi: Delhi Police has registered an FIR after the servers of two hospitals in north Delhi, Sant Parmanand Hospital in Civil Lines and NKS Super Speciality Hospital in Gulabi Bagh, were allegedly hacked. Patient data, financial records and administrative files were accessed during the breach, which took place…