Logan Health Medical Center in Montana is notifying 213, 543 patients, employees, and business associates after discovering that files with personal and protected health information were accessed without authorization. According to a notification submitted to the Maine Attorney General’s Office, Logan first detected suspicious network behavior on November 22, 2021. On January 5, their investigation…
Boston law firm Taylor, Ganson & Perrin notifies clients of data breach
One month after first detecting a problem, Boston law firm Taylor, Ganson & Perrin LLP is providing notice of a data security breach. Like many law firms who have experienced breaches, clients’ medical information and what might be protected health information may have been accessed or acquired by the unnamed threat actor(s), but whether it…
Personal info leaks from listed Japan firms hit record high in 2021
Kyodo News reports: The number of personal information leaks from companies listed on Japanese stock exchanges, as well as their subsidiaries, rose by 30 percent in 2021 from the previous year to a record 137 cases, according to a corporate research agency. Tokyo Shoko Research said in a report that over 50 percent or 68…
Potential Board Liability for Cybersecurity Failures Under Caremark Law
Having trouble getting support for security efforts? Maybe show this one to the board of directors. Leah Rizkallah reports: Cybersecurity is now among the most critical risk-areas for companies across industries, and boards of directors must be vigilant in overseeing their companies’ cybersecurity efforts. Failing to do so not only increases risks for the company,…
Report: Missouri Governor’s Office Responsible for Teacher Data Leak
Brian Krebs reports on a follow-up to the case of Missouri’s Governor Parsons tried to sue a journalist and others who had responsibly disclosed and reported on a data leak by the state. The data leak first came to public attention in October, 2021 when Josh Renaud reported on the exposure and the steps the…
One year later, Minimally Invasive Surgery of Hawaii notifies patients of ransomware incident
A notification letter template that showed up on the California Attorney General’s site this week is dated “February 19, 2021.” I assume the 2021 is a typo based on the rest of the letter. The letter from Orthopedic Associates of Hawaii (OAH) begins (emphasis added by this site): Orthopedic Associates of Hawaii, All Access Ortho…