David Gilmour reports: President-elect Donald Trump’s FBI director pick, Kash Patel, was informed by the agency he’ll soon lead that he’d been targeted by Iranian hackers, sources familiar with the situation revealed to CNN. Hackers reportedly accessed some of Patel’s communications, according to one source. Patel, a former chief of staff to the defense secretary during Trump’s first term, has…
Unprecedented increase in liability for personal data leaks in the Russian Federation to take effect in May 2025
Advant Beiten writes: A law increasing administrative liability for personal data leaks was signed on 30 November 2024 (No. 420-FZ) (the “Law“). The Law will enter into force on 30 May 2025. A new article of the Criminal Code of the Russian Federation also enters into force on 11 December 2024. It establishes liability for the illegal use and/or transfer,…
Failure to terminate access can be costly. Very costly.
Earlier today, DataBreaches posted an HHS OCR announcement of a settlement with a HIPAA covered entity. A former contractor had accessed its electronic medical record system on three occasions without authorization to retrieve PHI for use in potential fraudulent Medicare claims. OCR imposed a monetary penalty of $1.19 million for the entity’s failure to: conduct…
FBI, CISA say Chinese hackers are still lurking in US telecom systems
Adam Janofsky reports: Leading U.S. cybersecurity agencies on Tuesday said that Chinese hackers likely still have access to critical telecommunications systems, and published guidance to help engineers and network defenders identify and remove the threat actors. In a call with reporters, senior officials at the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI said…
Major energy contractor reports ‘limited’ access to IT after ransomware locks files
Jessica Lyons reports: American energy contractor ENGlobal disclosed that access to its IT systems remains limited following a ransomware infection in late November. In a Monday filing with the US Securities and Exchange Commission (SEC), the company said it became aware of a cybersecurity incident on November 25 after criminals broke into its networks and locked…
Change Healthcare Data Breach Settlement Talks To Be Explored Early in MDL
Irvin Jackson reports: Parties involved in the federal Change Healthcare data breach lawsuits have been ordered to meet separately with a U.S. Magistrate Judge over the next two months, to discuss the most effective structure for settlement talks and the optimum timing for when negotiations should begin that may provide payouts to millions of Americans. The potential…