Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach

After the Medusa gang reportedly demanded a $2 million ransom from UK healthcare and community services provider HCRG Care Group, HCRG confirmed they had a breach and said they were investigating. But they did not confirm that patient data and employee… Continue reading Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach

How federal rules on cybersecurity breach transparency for businesses were challenged in court in 2024

Dom DiFurio reports: In October, four companies collectively paid nearly $7 million as part of a settlement with the Securities and Exchange Commission for allegedly failing to properly inform investors of a cyberbreach affecting their companies, a lia… Continue reading How federal rules on cybersecurity breach transparency for businesses were challenged in court in 2024

Cyberespionage groups or cybercriminals? UAV and C-UAV vendors and buyers are increasingly targeted

As Unmanned Aerial Vehicles (UAVs or “drones”) and Unmanned Aerial Systems (UAS) are increasingly deployed as part of military operations, there has also been an upsurge in counter-UAV (C-UAV) and counter-UAS technologies designed to detect… Continue reading Cyberespionage groups or cybercriminals? UAV and C-UAV vendors and buyers are increasingly targeted

Memorial Hospital and Manor notifies 120,085 people of November ransomware attack

On November 3, 2024, WALB in Georgia reported that Memorial Hospital and Manor had been the victim of a ransomware attack on November 1 that they discovered on November 2. The hospital announced the incident on its Facebook page in a post that is no lo… Continue reading Memorial Hospital and Manor notifies 120,085 people of November ransomware attack

Elon Musk’s DOGE Posts Classified Data On Its New Website

Jennifer Bendery reports: Elon Musk’s team at the so-called Department of Government Efficiency has posted classified information about the size and staff of a U.S. intelligence agency on its new website, raising bigger concerns about where Musk’s prog… Continue reading Elon Musk’s DOGE Posts Classified Data On Its New Website

Humboldt Independent Practice Association’s breach notification leaves questions unanswered

On November 11, 2024, Humboldt Independent Practice Association (Humboldt IPA) submitted a breach report to HHS that used a placeholder of 500 for the number of patients affected. All we knew from HHS’s entry was that it was some kind of hacking … Continue reading Humboldt Independent Practice Association’s breach notification leaves questions unanswered

Attorney General James Releases Statement on DOGE Access to Sensitive Personal Information

When DataBreaches said, “Send in the lawyers” to sue Musk, she was thinking of personal injury lawyers who handle data breach litigation. But 14 state attorneys general may be even better. From NYS Attorney General Letitia James: NEW YORK –… Continue reading Attorney General James Releases Statement on DOGE Access to Sensitive Personal Information

Almost one year later, NorthBay Health notifies 569,012 people of breach of sensitive information

While some states are decreasing the amount of time entities have to notify the state or individuals of a breach, the reality is that many entities are nowhere near complying with even more lenient deadlines. HIPAA, for example, allows entities no more… Continue reading Almost one year later, NorthBay Health notifies 569,012 people of breach of sensitive information

Backdoor found in two healthcare patient monitors, linked to IP in China

Lawrence Abrams reports: The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP addres… Continue reading Backdoor found in two healthcare patient monitors, linked to IP in China