A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records.
New voluntary ransomware guidance released during the International Counter Ransomware Initiative meeting this week calls for victims to report attacks to law enforcement on a more timely basis - and involve more advisers in deciding whether to pay a ransom.
A clinic in Hawaii is notifying 124,000 patients that their health data was potentially compromised in a May hack. LockBit 3.0 claims to have published the stolen records on its data leak site in June - months before global authorities this week disclosed a crackdown on the cybercrime gang.
California-based Graybill Medical Group physicians' practice says it's splitting up with its affiliate practice, Palomar Medical Group, which handles a variety of management services, because the firm allegedly provided an "inadequate" response to a cyberattack detected in May.
India's leading private health insurer Star Health Insurance suffered a major data breach in August, but the company's prolonged silence over the incident exposes businesses' placing a priority on protecting their reputation over their customers' concerns for data security and privacy.
Healthcare organizations often face obstacles in sharing cybersecurity information. Phil Englert and Errol Weiss from Health-ISAC advocate for shifting the focus from legal risks to business risks, improving incident response and building resilience through collaboration and transparency.
A Louisiana-based ambulance company that provides emergency medical care services in four states is notifying nearly 3 million people that their sensitive health information was potentially stolen in a June hack. Ransomware gang Daixin claims to have published the data on its dark web leak site.
The Digital Operational Resilience Act aims to reshape the financial services industry by introducing strict cybersecurity standards. Financial institutions must comply with the new rules by Jan. 17, 2025, or face severe penalties, said Richard Breavington, head of cyber and tech insurance at RPC.
A vendor that provides information systems and transcription services to radiology practices is alerting 411,037 people of a hack discovered last December involving the theft of sensitive data. The firm already faces at least four proposed federal class action lawsuits related to the hack.
Australian gold mining company Evolution Mining is investigating a ransomware attack that affected its IT systems but so far has not materially disrupted operations. The ransomware attack on the gold mining company follows a spate of attacks on Australian mining companies this year.
An Idaho-based medical center is notifying about 464,000 patients and employees that their sensitive information was potentially compromised in an attack detected in March. Ransomware group ThreeAM claims to have leaked on its dark web site 22-Gbytes of Kootenai Health's stolen data.
An Arizona-based technical school is notifying nearly 209,000 current and former students, parents and faculty that their personal, health and financial information was potentially compromised in a LockBit attack earlier this year. The ransomware hack is one of many hits in the education sector.
An Arkansas-based mental and behavioral health services provider is notifying more than 375,000 individuals of a data theft potentially compromising their sensitive personal and medical information. The organization already faces at least one proposed class action lawsuit in the wake of the breach.
Pharmaceutical maker Cencora - formerly AmerisourceBergen - in an updated filing this week told the U.S. Securities and Exchange Commission that a Feb. 21 cyberattack resulted in the theft of more data than previously reported - including personal and health information.
Change Healthcare officials projected that the company's massive February cyberattack affected one-third of the American population. So why did the IT services provider's HIPAA breach report to federal regulators lowball the initial estimate, saying the cyberattack only affected 500 people?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.