It has not happened often, but now another court has held that a breached entity cannot protect an investigation into a breach by declaring it legally privileged. Naomi Neilson reports: The Australian Federal Court has ruled that Optus will not be able to keep a report it commissioned from professional services firm Deloitte regarding its…
Sav-Rx notifies 2.8 million patients of October 2023 data breach
A&A Services, which does business as Sav-Rx, is notifying 2,812,336 patients of a hacking incident in October 2023. According to its submissions to the California and Maine attorneys general, Sav-Rx detected an interruption to their network on October 8, 2023. By the next day, their IT systems were restored and prescriptions were shipped on time…
Notice of Security Incident – The New Yorker
The New Yorker decided to make fun of security incident notices in a piece by Jay Katsir. From the notice’s “What Happened?” section: In or around November or February, 2018/24, we detected suspicious activity within our system. It was not like in the movies, where a big red “ALERT” message flashes onscreen, but there was…
Ca: New online breach reporting forms for federal institutions and businesses
From the Office of the Privacy Commissioner of Canada, May 24: The Office of the Privacy Commissioner of Canada (OPC) has launched a new online breach reporting form for federal institutions subject to the Privacy Act as well as updated its online breach reporting form for businesses subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). The new online form for…
More than 540,000 patients notified so far about Cencora/Lash Group data breach (9)
– Only partial numbers so far – Only partial list of clients so far – No group has as yet claimed responsibility for the hack and data exfiltration As the week draws to a close, clients of Cencora and The Lash Group have been submitting breach notifications to state attorneys general. DataBreaches reported in February…
American Clinical Solutions: Over 400,000 Medical Records in the Hands of RansomHub
Marco A. De Felice aka @amvinfe reports: The RansomHub group made headlines last February when, following a cyberattack on Change Healthcare, they disrupted operations for several weeks. Change Healthcare is the largest U.S. provider of revenue and payment cycle management, connecting payers, providers, and patients within the American healthcare system. A week ago, a RansomHub affiliate successfully…