Gosia Wozniacka of Oregon Live reports: The Oregon Department of Environmental Quality on Friday declined to confirm or deny reports that a well-known ransomware group stole employee files in a recent cyberattack at the agency. The department faced questions after several cybersecurity websites reported that ransomware group Rhysida is behind the cyberattack at the DEQ…
High Court rules landlord entitled to additional £6m indemnity from insurance broker after data breach
Matilda Battersby reports: A housing association’s broker has been found liable for “breach of duty” in a landmark High Court judgment. Watford Community Housing (WCH) brought a professional negligence claim against Arthur J Gallagher Insurance Brokers for failing to make “timely notifications” of a data breach to one of three of its insurers. Deputy High…
Oregon court dismisses lawsuit over 2023 MOVEit data breach affecting 3.5 million Oregonians
While the ransomware attack on the Oregon Department of Environmental Equality (DQE) is making headlines this month, there was also an update to a lawsuit stemming from the MOVEit breach in 2023 that affected 3.5 million Oregonians whose driver’s license and identity information was held by the Oregon Driver and Motor Vehicle Services. Aimee Green…
HHS OCR Settles HIPAA Ransomware Cybersecurity Investigation with Comprehensive Neurology, PC
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Comprehensive Neurology, PC (Comprehensive), a small New York neurology practice, concerning a potential violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. The settlement resolves an OCR investigation of a ransomware…
FBI IC3, Verizon DBIR, Google M-Trends reports are out—here’s the conclusions!
Catalin Cimpanu writes: There are a handful of seminal reports in the cybersecurity industry, and lo and behold, three of them were released on Wednesday. Mandiant’s team, now part of Google Cloud, released M-Trends, Verizon released its Data Breach Investigations Report (aka DBIR), and the FBI Internet Crime Complaint Center (IC3) released its yearly Internet Crime Report [PDF]. All…
Several more lawsuits filed against Frederick Health Hospital related to data breach, cybersecurity failures
Gabrielle Lewis reports: Four class action lawsuits alleging Frederick Health Hospital failed to protect patients’ sensitive data during a ransomware attack in January were filed this month. These lawsuits accuse FHH of having inadequate cybersecurity measures, neglecting its obligation to protect patient data, improperly notifying the people affected by the data breach and putting individuals…