A Russian man was sentenced today for providing “bulletproof hosting” services, which were used by cybercriminals between 2009 to 2015 to distribute malware and attack financial institutions and victims throughout the United States. On Dec. 1, Chief Judge Denise Page Hood of the U.S. District Court for the Eastern District of Michigan sentenced Aleksandr Grichishkin,…
CarePartners agrees to settle proposed cyberattack class action for up to $3.4 million, but don’t party just yet
Bernise Carolino reports that there is a settlement in a lawsuit against CarePartners in Canada. The proposed class-action lawsuit stemmed from a breach in 2018 that DataBreaches.net investigated and covered on this site. The firms of Howie, Sacks & Henry LLP (HSH), Waddell Phillips PC and Schneider Law Firm represented the plaintiffs, Arthur Redublo and…
UK watchdog’s punishment for Blackbaud, Easyjet, other big privacy lawbreakers was slap on the wrist in private
Gareth Corfield reports: Blackbaud was given a private slap on the wrist by the UK’s Information Commissioner’s Office (ICO) after paying off criminals who stole users’ financial data from the cloud CRM biz’s servers. The astonishingly mild sanction was revealed in a Freedom-of-Information response after senior data protection specialist Jon Baines at London law firm Mishcon de Reya asked…
NZ: OPC finds leading cause of privacy breaches is human error
Catherine Knowles reports: Human error is the leading cause of serious privacy breaches, according to a new report released today by the Office of the Privacy Commissioner (OPC). Privacy Commissioner John Edwards says, “We are seeing clear patterns emerging since mandatory reporting of serious privacy breaches came into effect with the Privacy Act 2020 on…
Vendors and HIPAA
Matt Fisher of Carium writes: An important part of establishing strong security for an organization rests with how it interacts with its vendors. The creation of a chain of entities creating, interacting with, storing, or otherwise handling sensitive patient information starts at the top, but can easily and frequently go down many layers. Given the…
Quest’s ReproSource faces patient lawsuit over data breach impacting 350K patients
Jessica Davis reports: One month after notifying 350,000 patients of a potential theft of their protected health information, ReproSource Fertility Diagnostics has been sued by a patient over alleged security failings. ReproSource is a clinical laboratory for fertility specialists and a subsidiary of Quest Diagnostics. First disclosed Oct. 8, an attacker hacked into the ReproSource network in…