John Beauge reports: The man accused of downloading protected information of more than 1.2 million Geisinger Health System patients in 2023 will defend himself at his criminal trial. U.S. Middle District Judge Matthew W. Brann granted the motion of Max Vance to proceed pro se but assigned assistant public defender Gerald A. Lord as standby…
Tallahassee Memorial Healthcare reveals it was also impacted by Cerner/Legacy Oracle cyberattack
WTXL reports: Tallahassee Memorial Healthcare is releasing more information regarding a cybersecurity event that happened this past January. A spokesperson told WTXL ABC 27 they were recently notified that a previous vendor TMH used had experienced a cybersecurity event involving unauthorized access to data, including certain patient information. TMH says its current electronic health record…
Hospital cyberattack investigation complete, no formal review needed (1)
Paul Pedro reports a follow-up to the massive ransomware attack on Ontario hospitals via an attack on TransForm by the Daixin threat actors: The Information and Privacy Commissioner of Ontario (IPC) has completed a review into a massive cyberattack on five regional hospitals in 2023 and found hospital officials acted “adequately.” But in its decision,…
Largest Ever Seizure of Funds Related to Crypto Confidence Scams
WASHINGTON – The U.S. Attorney’s Office filed a civil forfeiture complaint in U.S. District Court for the District of Columbia against more than $225.3 million in cryptocurrency. According to the complaint, the U.S. Secret Service and the FBI used blockchain analysis and other investigative techniques to determine that the cryptocurrency is connected to the theft…
IMPACT: 170 patients harmed as a result of Qilin’s ransomware attack on NHS vendor Synnovis
PA News Agency reports that as a result of the attack, more than 10,000 appointments were cancelled at the two London NHS trusts that were worst affected, and a significant number of GP practices in London were unable to order blood tests for their patients. Now the Health Service Journal (HSJ) [paywalled] has reported that…
DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
Eleanor M. Ross, Cassidy Kim, Olivia Bellini of Greenberg Traurig, LLP write: On April 11, 2025, the DOJ’s National Security Division (NSD) issued a Compliance Guide, Implementation and Enforcement Policy, and FAQs for its Data Security Program (DSP), finalized pursuant to Executive Order 14117 and the 28 C.F.R. Part 202. The DSP is primarily designed to prevent certain cross-border data flows…