Collaborate Disseminate
LOS ANGELES – Law enforcement today unsealed criminal charges against five defendants who allegedly targeted employees of companies nationwide with phishing text messages and then used the harvested employee credentials to log in and steal non-public c… Continue reading 5 Defendants Charged Federally with Running Scheme that Targeted Victim Companies via Phishing Text Messages
Martin Matishak reports: A House Republican late last week introduced legislation to untangle the country’s jumble of cybersecurity regulations, keeping the bipartisan proposal alive as Congress finishes its work for 2024. The measure from Rep. Clay Hi… Continue reading Bipartisan effort to clean up cyber regulations gets a boost in House, but calendar is tight
Tina Kelley reports: A Cherry Hill resident has asked the U.S. Department of Education to investigate the Cherry Hill School District for releasing the names of dozens of students whose families opted them out of sex education classes. The breach came … Continue reading N.J. school accidentally released names of kids who opted out of sex education
NEW YORK – New York Attorney General Letitia James today secured $250,000 from a global movie theater operator, National Amusements, Inc. (National Amusements), that operates movie theaters in the Bronx and on Long Island for failing to protect their f… Continue reading Attorney General James Secures $250,000 from Movie Theater Operator for Failing to Protect Employees’ Personal Information
Sergiu Gatlan reports: Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum. The threat actor behind this data leak, known as Nam3L3ss, published over… Continue reading Amazon confirms employee data breach after vendor hack
A recent article on the cybersecurity risks posed by mergers and acquisitions begins: When companies merge, it creates significant cybersecurity challenges in two main ways: firstly, challenges arise in integrating disparate security infrastructures, a… Continue reading In the midst of restructuring, Guardian Healthcare hit by ransomware attack
There’s an update to an incident affecting the City of Columbus, Ohio. That’s the one where a judge prohibited David L. Ross from talking to the media about it after the city sought to silence him after he began publicly refuting the city&#… Continue reading City of Columbus, Ohio cyberattack by Rhysida affected 500,000 residents
HHS OCR announced a second ransomware investigation settlement today. This one involved Bryan County Ambulance Authority (BCAA), a provider of emergency medical services in Oklahoma. The Bryan County Ambulance Authority breach occurred in November 202… Continue reading HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation for $90,000
How many data breaches can an entity have before either some regulator steps in with a corrective action plan or something happens to reduce the likelihood of more breaches? Consider the following: Breach # 1 On February 22, 2022, Minuteman Senior Ser… Continue reading How many similar breaches can one entity have in one year before regulators do something?
In April 2023, DataBreaches reported two ransomware groups had each listed Albany ENT & Allergy Services (AENT) on their respective leak sites. But one month later, when AENT sent notifications to regulators and 224,486 affected employees and pati… Continue reading Albany ENT & Allergy Services settles state charges stemming from two patient data breaches; agrees to spend $2.25M on security program