KYMA reports: Yuma Regional Medical Center (YRMC) said it mailed letters to thousands of patients whose information may have been involved in a recent cybersecurity incident. On April 25, 2022, YRMC identified a ransomware incident affecting some internal systems. Upon detecting the incident, YRMC shared with News 11 it took immediate action, taking systems offline,…
WA: MCG Health notifies patients and health plan members of data breach (updated)
Seattle-based MCG Health, LLC (“MCG”) provides patient care guidelines to providers and health care plans. According to a notice on their website that was also issued as a press release yesterday, on March 25, 2022, they determined that an unauthorized party had previously obtained personal information about some patients and members of certain MCG customers….
Shoprite Group issues warning on ‘suspected data compromise’ (UPDATED)
TimesLive reports: The Shoprite Group said on Friday evening it had become aware of a suspected data compromise, including names and ID numbers, which may affect some customers who engaged in money transfers to and within Eswatini and within Namibia and Zambia. “Affected customers will receive an SMS to the cell number supplied at the…
Data breach lawsuits settle: UPMC vendor and a holding company for department stores
Two potential class action lawsuits involving data breaches have reportedly settled. One awaits final approval in October, but the other settlement is already final. University of Pittsburgh Medical Center data breach $450K class action settlement During April to June 2020, Charles J. Hilton PC (CJH), a firm hired by UPMC for billing services, allegedly suffered…
Personal and sensitive files from Tehama County Social Services leaked on dark web. Have the victims been notified?
On their dark web blog, Quantum threat actors claim to have acquired 32 GB of files from Tehama County Social Services in California. Quantum describes the files as involving information of county clients and employees: Financial information, budgets, fiscal docs, contracts, HR data, resumes, payrolls, clients personal data, scans ID, scans SSN, personal info, scans…
Vermont Enacts Insurance Data Security Law
Hunton Andrews Kurth writes: On May 27, 2022, Vermont Governor Phil Scott signed H.515, making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). The Vermont Insurance Data Security Law applies to “licensees”—those licensed, authorized to operate or registered, and those required to be…