Collaborate Disseminate
Reports concerning an incident involving Nova Scotia Health Employees’ Pension Plan (NSHEPP) in Canada are part of the Accellion breach that has been in the news since January. NSHEPP has posted a number of notices and updates on their site. It … Continue reading Ca: Personal data of 50,000 N.S. health-care workers may have been compromised by Accellion breach
The SITA breach that also impacted 580,000 Singapore Airlines customers is getting more attention as more and more airlines issue statements to their customers. Now my friends are even sending me emails they receive from airlines. You can read SITAR… Continue reading Massive Supply-Chain Cyberattack Breaches Several Airlines
Sandhills Medical Foundation has posted a notice of a data security incident on their web site, reproduced below. Based on the dates and description, it appears that this is the Netgain Technology LLC data breach that has previously been noted on Data… Continue reading SC: Sandhills Medical Foundation notifies patients of vendor breach
It appears that SIU was impacted by the Accellion breach that has been in the news a lot this past month. SIU is the first entity, however, to disclose that the incident impacted protected health information (PHI), although as DataBreaches.net reporte… Continue reading Southern Illinois University School of Medicine impacted by Accellion breach, notifies patients
Toh Ting Wei reports: About 580,000 Singapore Airlines (SIA) customers have been affected by a data leak at an external firm. SIA said in a statement yesterday that members of its KrisFlyer and PPS Club reward programmes have had their membership numbe… Continue reading Data of 580,000 Singapore Airlines customers leaked in SITA security breach
Andrew G. Simpson reports: Real estate software maker RealPage has been denied a $6 million computer crime insurance coverage claim because the stolen funds were not in its possession but were instead being held by a payment processing firm at the time… Continue reading Court Upholds Insurers’ Denial of $6M Crime Claim for Phishing Loss
As I noted yesterday on Twitter, Qualys was added to threat actor CLOP’s leak site, raising the question as to whether the firm had been an Accellion client. They had. Qualys issued a statement later yesterday. It said, in part: Qualys has confir… Continue reading The Accellion breach also impacted Qualys; threat actors start dumping files
AllyAlign Health (AAH), a Medicare Advantage special needs plan administrator, recently notified 76,348 members and providers of an attempted ransomware attack. But how successful were the threat actors? And what could the Virginia firm figure out and … Continue reading AllyAlign notifies 76,348 members and providers of ransomware attack
Josh Crabb reports: Electronic databases that contain personal information about some Manitoba students have been temporarily shut down following a security breach. The Maplewood system is run by an Ontario company and is used by 14 school divisions in… Continue reading Security breach prompts lockdown of some Manitoba student databases
I recently came across a breach report that is a useful reminder of the value of ensuring that business associate agreements (BAA) are in place, and that compliance with the agreements is assessed regularly. In this instance Humana, a health plan, rep… Continue reading In a year of supply-chain attacks, do you have your business associate agreements in place?