Roma Patel writes: We often cover consumer class action complaints against companies regarding the privacy and security of personal information. However, litigation can also arise from alleged breach of contract between two companies. This week, we will analyze a medical diagnostic testing laboratory’s April 2025 complaint against its managed services provider for its alleged failure…
Baltimore City State’s Attorney’s Office hacked; Data leaked
One of the many cyberattacks that has escaped recent media attention is an incident involving the Baltimore City State’s Attorney’s Office in Maryland. Yesterday, data from the incident was leaked. The group known as Kairos added stattorney[.]org to its leak site on March 31, 2025. At that time, Kairos claimed that they had acquired 325 GB…
Don’t be so quick to claim there’s no reason to believe there’s compromise of patient info: Saturday edition
Here’s today’s example of how an entity may claim that they had no reason to believe patient data had been compromised, only to find that it had been. In February, Whitman Hospital & Medical Clinics (“WHMC”) in California discovered they had been the victim of a cyberattack that occurred between December 26 and February 28….
NDPC, Health Ministry Partner to Boost Data Protection in Healthcare
Voice of Nigeria reports: The Nigeria Data Protection Commission (NDPC) has announced a collaboration with the Federal Ministry of Health and Social Welfare to establish a robust data protection framework within the healthcare sector. This was revealed in a statement issued on Thursday in Abuja by Mr. Itunu Dosekun, Head of the NDPC Media Unit….
Radiology practice reportedly working with FBI after ‘data security incident’
Marty Stempniak reports: A Pacific Northwest radiology practice has reportedly worked with the FBI following a recent “data security incident.” Mt. Baker Imaging and Northwest Radiologists posted a notice of the matter on its website March 26. The Bellingham, Washington-based group said it first noticed the network disruption around Jan. 25, immediately engaging outside forensic specialists…
HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation with Guam Memorial Hospital Authority
While DataBreaches was aware of the 2023 incident referenced below, this site was not aware of any 2019 ransomware attack. The following is a press release issued by HHS OCR today: Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Guam Memorial Hospital Authority (GMHA),…