Two potential class action lawsuits involving data breaches have reportedly settled. One awaits final approval in October, but the other settlement is already final. University of Pittsburgh Medical Center data breach $450K class action settlement During April to June 2020, Charles J. Hilton PC (CJH), a firm hired by UPMC for billing services, allegedly suffered…
Personal and sensitive files from Tehama County Social Services leaked on dark web. Have the victims been notified?
On their dark web blog, Quantum threat actors claim to have acquired 32 GB of files from Tehama County Social Services in California. Quantum describes the files as involving information of county clients and employees: Financial information, budgets, fiscal docs, contracts, HR data, resumes, payrolls, clients personal data, scans ID, scans SSN, personal info, scans…
Vermont Enacts Insurance Data Security Law
Hunton Andrews Kurth writes: On May 27, 2022, Vermont Governor Phil Scott signed H.515, making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). The Vermont Insurance Data Security Law applies to “licensees”—those licensed, authorized to operate or registered, and those required to be…
After a Breach, One Company’s Cybersecurity Claims Got Referenced in a Lawsuit
Joe Jabara writes: So it starts….with literally billions of dollars lost through cryptocurrency frauds and security breaches, it was only a matter of time before we started seeing a wave of litigation. On Monday, a case was brought in the United States District Court, Southern District of New York, by IRA Financial Trust against Gemini Trust Company…
District 207 Approves Cybersecurity Contract In Wake Of Attempted Breach
Igor Studenkov reports: Maine Township High School Dist. 207 Board of Education voted unanimously on Monday (June 6) to award a one-year cybersecurity contract to the company that helped the district prevent a security breach a few weeks earlier. The district considered bids from seven vendors. When one of the bidders, Texas-based Crowdstrike, was demonstrating…
Goodman Campbell Brain and Spine alerts patients to ransomware attack while continuing to provide care
Yesterday, Hive threat actors added Goodman Campbell Brain and Spine to their leak site, with a notice that they had encrypted the entity on May 20. They also provided some files as proof. But if Hive hoped this would pressure the multi-location medical entity, they seem to have misjudged their Indiana-based victim. On the homepage…