Aaron Nicodemus reports: The Securities and Exchange Commission (SEC) will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days. On Thursday, the SEC approved amendments to Regulation S-P, known as the safeguards rule. The rule requires covered entities to…
WebTPA Employer Services notifies 2.4 million of April 2023 hack.
WebTPA is a medical claims administrator for health insurance and benefits plans. On December 28, 2023, the Texas firm discovered that they had experienced a data security incident involving certain systems on their network. Subsequent investigation concluded that an unauthorized actor may have exfiltrated personal information between April 18 and April 23, 2023. WebTPA’s clients…
Guthrie Lourdes Hospital still struggling with effects of Ascension cyberattack
Phoebe Taylor-Vuolo, Report for America corps member, reports: Guthrie Lourdes Hospital in Binghamton continues to feel the impact of a recent cyberattack on Ascension, its former parent organization. Ascension said it was hit with a ransomware attack on May 8. Lourdes was officially acquired by the Guthrie health system in February, but officials say that transition is…
Au: Electronic prescription provider MediSecure victim of ‘large-scale’ data breach, ‘personal and health information’ at risk
Daniel Jeffrey reports: Electronic prescription provider MediSecure has fallen victim to a “large scale” data breach, potentially putting Australians’ private medical information at risk and sparking a national approach from the federal government. The company released a statement on its website – which is now otherwise inactive – this afternoon confirming the breach involved “personal and…
BreachForums seized by FBI and law enforcement partners; administrator arrested (3)
It probably will not surprise anyone who has checked BreachForums recently, but there is now a seizure notice on the forum. The notice claims that BreachForums is under the control of the FBI and has been taken down by the FBI and DOJ with assistance from international partners. The forum’s owner, ShinyHunters, or whoever is…
Farley v Equiniti: an uphill battle for data breach claims
Seen on DENTONS: May 15, 2024 The landscape of data privacy claims in England and Wales has recently become more hostile to data breach claims by individuals, in the context of both representative actions (such as Lloyd v Google, which we discuss fully here) and those bringing claims in their sole names (for example, Cleary v Marston (Holdings) and Driver…