Brett Balicki reports: A bill to help notify victims of a data breach is heading to Gov. Tom Wolf’s desk for consideration. The General Assembly has approved Sen. Dan Laughlin’s legislation, Senate Bill 696, that would require state agencies and their contractors, as well as local governments, to notify victims of a data breach involving personally…
Australian Clinical Labs says data of 223,000 people hacked
Australian Clinical Labs said on Thursday its Medlab Pathology business suffered a data breach that affected health records and credit card information of about 223,000 patients and staff. This is the latest in a series of hacks to rock corporate Australia, after the country’s biggest health insurer Medibank and No. 2 telco Optus were also…
HIPAA Security Rule Security Incident Procedures
HHS OCR’s October newsletter begins: Every October, in recognition of National Cybersecurity Awareness Month, the federal government and its partners work to educate stakeholders on cybersecurity awareness and how best to protect the privacy and security of confidential data. Within the health care industry, the HIPAA Security Rule1 applies to covered entities2 and their business associates3 (“regulated entities”)…
UK: Braverman should be given ‘second chance’ despite ‘multiple’ security breaches
Andrew Learmonth reports: Suella Braverman deserves a “second chance” as Home Secretary despite claims of “multiple breaches” of security, the new Tory party chairman has said. Nadhim Zahawi said the Prime Minister was right to give the key member of the party’s right-wing a shot at “redemption” just six days after she was forced to…
AU: Medibank’s latest update reveals more woes; My Home Hospital patient info accessed
AU health insurer Medibank has been diligently providing updates on a massive data breach. With each update, they have revealed growing awareness of how much personal data has been accessed or exfiltrated. Their latest update, issued overnight, begins: It has become clear overnight that the criminal has accessed patient information relating to My Home Hospital….
Davenport Community Schools’ “server issues” were Karakurt issues
Months after CISA issued an alert about Karakurt, Davenport Community Schools in Iowa reported some “server issues.” On September 13, Schools Superintendent TJ Schneckloth issued a statement regarding what had been described as “server repairs” after the district went without internet for roughly a week back in September. That statement, updated on October 4, acknowledged…