Helen Wegner reports: A hospital employee is accused of sharing patient identities with scammers who then fraudulently tried to obtain their COVID-19 unemployment benefits, according to court documents unsealed this week. Matthew Lombardo worked at the Scripps Health hospital in San Diego as a patient service representative where he obtained and verified patient information, including…
NZ: Fear patient data may have been stolen from Auckland DHBs
Tom Pullar-Strecker reports: A data breach may have occurred at the organisation that provides health IT services to more than a third of the country, amid growing indications of a serious cyber-security incident. A spokeswoman for the Office of the Privacy Commissioner said it was notified by Counties Manukau DHB of a possible data breach…
Connecticut Enacts Safe Harbor From Punitive Damages In Data Breach Cases
Jason Gavejian and Joseph Lazzarotti of JacksonLewis write: Effective October 1, 2021, Connecticut becomes the third state with a data breach litigation “safe harbor” law (Public Act No. 21-119), joining Utah and Ohio. In short, the Connecticut law prohibits courts in the state from assessing punitive damages in data breach litigation against a covered defendant…
Ca: Health unit privacy breach exposes email addresses of 500 residents of Kawartha Lakes, Northumberland, and Haliburton
KawarthaNOW reports: The Haliburton, Kawartha, Pine Ridge District Health Unit has reported a privacy breach, in which a mass email sent to around 500 residents in Kawartha Lakes, Northumberland, and Haliburton exposed their email addresses to anyone who received the email. Read more on KawarthaNOW
AIG unit must defend Texas retailer Landry’s in data breach case
Judy Greenwald reports: A federal appeals court reversed a lower court Wednesday and ruled an American International Group Inc. unit is obligated to defend a retailer in connection with a data breach. Houston-based Landry’s Inc., which operates retail properties including restaurants, hotels and casinos, discovered a data breach that occurred between May 2014 and December…
Fraud Family phishing-as-a-service disrupted in the Netherlands
Catalin Cimpanu reports: Police officers arrested a 24-year-old man from the city of Arnhem and a 15-year-old boy from the town of Loenen aan de Vecht. Investigators said the former developed the phishing kits, while the latter had been responsible for selling access to the tools developed by his partner. Police also searched the house…