Collaborate Disseminate
Steve Alder reports: A lawsuit against CareFirst BlueCross BlueShield that was filed in response to a 2014 data breach has had a contract class certified by a federal judge, 9 years after legal action was initiated. The lawsuit can now proceed and more… Continue reading Contract Class Certified in CareFirst Data Breach Lawsuit 9 Years After Legal Action was Initiated
On March 28, 2024, the U.S. Department of Education—in coordination with the Cybersecurity and Infrastructure Security Agency (CISA)—held the kickoff meeting of the Education Facilities Subsector Government Coordinating Council (GCC), designed to facil… Continue reading K12 SIX Applauds Launch of K-12 Education Cybersecurity Council
On April 2, Arizona-based On Q Financial notified the Maine Attorney General’s Office of a breach the mortgage lender experienced. Within days, law firms announced investigations into the breach and sought potential class action members. Was ther… Continue reading On Q Financial announces data breach, law firm feeding frenzy follows
A quick note that the official draft of CIRCA is now published: A Proposed Rule by the Homeland Security Department on 04/04/2024 All information is linked from https://www.federalregister.gov/documents/2024/04/04/2024-06526/cyber-incident-reporting-fo… Continue reading Proporsed Rule: Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements
A recent listing on LockBit’s leak site about Crinetics Pharmaceuticals seemed unusual. It included a disclaimer: “Those responsible for the exfiltration of data belonging to this victim have no association, indirect or direct, with the Loc… Continue reading Threat actors walked away from a $1.8 million offer because the victim talked to the media?!
City of Hope updated its breach disclosure. DataBreaches can now reveal some previously undisclosed details about the 2023 incident. In December 2023, City of Hope, a cancer treatment center in Duarte, California, notified HHS that it had experienced a… Continue reading City of Hope updates a breach disclosure, reports 827,149 patients affected in ransomware attack last year
Christopher Brown reports: A proposed $6.49 million settlement of a lawsuit alleging that CorrectCare Integrated Health LLC failed to protect the personal information of 647,000 people in a January 2022 data breach was rejected by a federal court. Plai… Continue reading Proposed CorrectCare Breach Settlement Rejected Over Equitable Treatment
As of this morning, more than a dozen rehabilitation hospitals have disclosed a breach with unauthorized access to their systems between January 16 and February 4. The intrusion was discovered on February 1. The attack resulted in access to patient dat… Continue reading Ernest Health rehabilitation hospitals notify patients of ransom attack in January (1)
KCRG Staff report: A former Iowa City hospital administrator pleaded guilty on Monday to an identity theft scheme that spanned three decades and caused the victim to be falsely imprisoned for nearly two years. Officials said 58-year-old Matthew Keirans… Continue reading This may be the worst ID theft case you’ve ever read about
Zack Whittaker reports: Phone giant AT&T has reset millions of customer account passcodes after a huge cache of data containing AT&T customer records was dumped online earlier this month, TechCrunch has exclusively learned. The U.S. telco giant… Continue reading More than two years after a breach, AT&T resets account passcodes after customer records leak online