Jeremiah Fowler discovered yet another unsecured database. This one reportedly had more than one million financial records: The PDF documents that were made public included invoices from both individuals and businesses who used an app to pay for products and services. The invoices contained names, email addresses and physical addresses, phone numbers, and more. In…
Looks like Karakurt is back… (Update 1)
And they have added two medical entities to their leak site today — Medicalodges in Kansas and Petaluma Health Center in California. They provide no proof for either claim, and neither entity has any notice on their respective sites about any incident, so for now, these are unconfirmed claims. Update 1: DataBreaches received a statement…
How the Federal Tort Claims Act Extricates Certain Health Care Providers From Data Breach Class Action Suits
John Cleary and Shundra Crumpton Manning of Polsinelli write: Data breach class action litigation continues to occupy center stage in the ongoing struggle to secure compensation and redress for legitimate victims of actionable cybersecurity shortcomings of data owners. The underlying scenarios in these cases encompass criminal hacking episodes, rogue employees, carelessness and unforeseen material gaps…
Push to ban ransomware payments following Australia’s biggest cyberattack
Luke Huigsloot reports: The Australian government is being pushed to ban the payment of cyber ransoms, usually demanded in cryptocurrency, following a local business suffering a mass data breach and subsequent ransom demand. […] The Australian government’s lead cybersecurity agency, the Australian Cyber Security Centre (ACSC), currently recommends that victims of ransomware attacks never pay…
‘Headlight Hackers’ Are Stealing Cars Via CAN Interference
Adrianna Nine reports: Car thieves have found a sophisticated new way to snatch vehicles off the streets, and it’s called “headlight hacking.” The method involves accessing a car’s Controller Area Network (CAN) bus, a system that allows multiple devices within a vehicle build to communicate with each other in real time. Ian Tabor, an automotive…
HHS Office for Civil Rights Announces the Expiration of COVID-19 Public Health Emergency HIPAA Notifications of Enforcement Discretion
Notifications of Enforcement Discretion expire at 11:59 pm on May 11, 2023 Today, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announces that the Notifications of Enforcement Discretion issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health…