There were several settlements in November involving class action lawsuits against entities where the breach involved protected health information or health data. Here’s a brief recap of them: Ambry Genetics agreed to pay $12.25 million to resolve claims that a 2020 data breach compromised consumer health data and other identifiers. The settlement benefits patients whose…
In: Safdarjung Hospital reports cyberattack but not ransomware
ANI reports: Safdarjung Hospital officials on Saturday said the hospital was under a cyber-attack, but the damage was not as severe as it had been for the All India Institute of Medical Sciences (AIIMS) hospital. A hospital spokesperson indicated that this was not a ransomware attack. Read more at Times of India.
Important CoinTracker security update
Forwarded to DataBreaches by a reader. From: CoinTracker <[email protected]> Subject: Important CoinTracker security update Date: December 2, 2022 at 9:37:19 PM MST To: [redacted] Reply-To: [email protected] Dear CoinTrackers, On Dec 1st, 2022, we discovered a leaked list of emails and referral links of CoinTracker users online. No other personal or financial information was leaked, and…
Paying the Ransom in Response to a Ransomware Attack can Sometimes Backfire
Nolan Goldberg and Margaret Ukwu of Proskauer write: A new study by Hiscox, a privacy and cyber security insurance company, sheds light on additional practical concerns that should be taken into account in that balancing of potential risks and benefits. Hiscox released its sixth annual Cyber Readiness Report 2022. In it, Hiscox raises a number…
VA admits to improperly disclosing COVID-19 vaccine data for 500,000 staff
Nihal Krishan reports: The U.S. Department of Veterans Affairs has admitted that it failed to adequately protect COVID-19 vaccination status data for about 500,000 of its employees. Following an internal investigation by the VA’s Data Breach Response Service, the agency removed a spreadsheet containing personal details including vaccination status, according to a notice sent to the agency’s…
Rackspace rocked by ‘security incident’ that has taken out some hosted Exchange services
Simon Sharwood reports: Some of Rackspace’s hosted Microsoft Exchange services have been taken down by what the company has described as a “security incident”. The company’s most recent incident report at the time of writing, time-stamped 01:57 Eastern Time on December 3rd, offers the following information. […] Rackspace has no idea when it will be able…