Two recent breaches involving plastic surgery practices in California have leaked patient data. One of the breaches is by a well-known group that has done such things before. The other incident is by an unnamed individual or group. Both leaks contain some sensitive private images or videos in addition to patient data. On June 21,…
TX: City of Odessa dealing with data breach
Micah Allen reports: According to the City of Odessa, mayor Joven was advised that the city dealt with a serious data breach. It was discovered that accounts assigned to a terminated high-ranking employee have been recently accessed, and sensitive information was transferred. Read more at CBS7, who will be reporting more on this story later…
BlackCat adds a community behavioral health center in Alabama to its leak site (UPDATED)
AlphV (aka BlackCat) threat actors have added Highland Health Systems in Alabama to their leak site. As proof of claims, they have leaked a number of files with employee and patient data or information, including part of a psychiatric intake form with a narrative from 2008. Other files are more current. Highland Health Systems is…
Eleventh Circuit Requests Refined Class Definition For Data Breach Class Action
Gerald L. Maatman, Jr., Alex W. Karasik, and George J. Schaller of Duane Morris write: In Steinmetz et al. v. Brinker International, Inc., No. 21-13146, 2023 U.S. App. LEXIS 17539 (11th Cir. July 11, 2023), the Eleventh Circuit vacated the district court’s order certifying a nationwide class and California-only class in a data breach case. In so…
Kr: PIPC Sanctions LG U+ Telecom, Imposes Administrative Penalty of $5.3 Million for Breach Along with Corrective Orders
Press Release July 12, 2023 (This is an unofficial translation of a press release, originally prepared in Korean.) On July 12, the Personal Information Protection Commission (PIPC) held a plenary meeting and reached a decision to impose an administrative penalty of KRW 6.8 billion (USD 5.3 million) and an administrative fine of KRW 27 million…
Payroll Services Provider UKG Agrees to $6 Million Settlement in Data-Breach Lawsuit
James Rundle reports: Payroll services provider UKG has agreed to settle a class-action lawsuit stemming from a cyberattack in 2021, capping a significant piece of litigation that emerged from the incident. A ransomware strike in December 2021 forced parts of UKG’s Kronos Private Cloud product offline, disrupting software that tracked employee hours during the Christmas holiday period….