Abigail Adcox reports: A Covington & Burling client whose information may have been exposed in a 2020 cyberattack is insisting that its identity should not be disclosed to the Securities and Exchange Commission, which had sought out client names in a subpoena to the law firm. The client, following a subpoena battle between Covington and SEC,…
Mount Desert Island Hospital updates its breach disclosure again but still doesn’t reveal what data were leaked
On July 1, DataBreaches reported that Mount Desert Island Hospital (MDIH) in Maine notified HHS on June 30 that 24,180 patients had been affected by a breach between April 28 and May 7. The types of protected health information involved included name, address, date of birth, driver’s license/state identification number, Social Security number, financial account…
#StopRansomware: Snatch Ransomware
There is a new Joint Cybersecurity Advisory issued today. This one is about Snatch Team. Summary: The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency(CISA) are releasing this joint CSA to disseminate known ransomware IOCs and TTPs associated with the Snatch ransomware variant identified through FBI investigations as recently as June…
Schools Are the Most Targeted Industry by Ransomware Gangs
Waqas reports that based on research by Sophos, the education sector is the most vulnerable and targeted by ransomware attacks. KEY FINDINGS 80% of lower education providers and 79% of higher education institutions reported ransomware attacks in the last year. Education is the most targeted industry by cybercriminals, primarily motivated by the high percentage of…
OCR Presents: How the Security Rule Can Help Defend Against Cyber-Attacks
The HHS Office for Civil Rights (OCR) will be producing a pre-recorded webinar for HIPAA covered entities and business associates (collectively, “regulated entities”) discussing how the Security Rule can help regulated entities defend against cyber-attacks. The webinar will discuss real world cyber-attack trends from OCR breach reports and investigations and explore how implementation of appropriate…
Freestyle Must Defend Lawsuit Following Data Breach, Judge Rules
Skye Witley reports: Internet commerce services vendor Freestyle Solutions Inc. must face a trimmed-down lawsuit alleging it misled customers about its cybersecurity practices before hackers gained access to its network, a federal New Jersey court ruled. Freestyle succeeded in dismissing most of the claims, including negligence, but will have to defend issues surrounding its contract language, Judge Susan…