A Georgia-based home health and hospice provider will pay $425,000 to Massachusetts to settle litigation stemming from a 2020 breach affecting about 166,000 individuals nationwide. The agreement comes shortly after Aveanna Healthcare settled a proposed class action lawsuit in federal district court.
The British data watchdog says the U.K. Department for Education shouldn't have allowed a private company to use student records to check whether new users of gambling apps were underage. A departmental spokesperson said it will ensure such misuse of the database doesn't reoccur.
SolarWinds, maker of network management software famously hacked by the Russian government, may be the subject of an investigation by the U.S. Securities and Exchange Commission after staff made a preliminary determination in its favor. The company says it will contest the staff recommendation.
A U.S. senator is suggesting adding cybersecurity standards to the list of federal prerequisites for medical practice participation in Medicare. Cybersecurity is a patient safety issue, says Mark Warner (D-Va.). He today released a slew of proposals for augmenting healthcare cybersecurity.
Tributes are being paid to Vitali Kremez, who has died at the age of 34 in a suspected scuba-diving accident. The renowned threat intelligence expert, born in Belarus, had long tracked Russian cybercrime syndicates and was part of an ad hoc group established to counter ransomware and help victims.
Federal regulators have issued new guidance explaining how they will consider the "recognized security practices" of healthcare entities and their business associates during HIPAA enforcement activities, such as breach investigations and security audits.
A second healthcare entity is self-reporting its use of Facebook Pixel in web patient portals as a data breach to federal regulators. North Carolina-based WakeMed Health and Hospitals told federal regulators it disclosed to the social media giant patient information of half a million individuals.
Many ransomware-wielding attackers - including big-name groups - have been collectively shooting themselves in the foot by resorting to "amateur" tactics, including decryptors that fail to decrypt as well as gangs re-extorting the same victims. Cue fewer victims opting to pay a ransom.
Elon Musk lugged a sink into Twitter headquarters to announce his takeover of the social network. But it will take more than a porcelain prop for the richest person in the world to successfully surmount the cybersecurity, legal, disinformation, regulatory and other challenges facing Twitter.
Healthcare entities need to rehearse breach response playbooks to avoid paying fines to the Department of Health and Human Services for poor incident response after a severe breach. Well-tested security incident response plans ensure the security of patient data, says the HHS Office of Civil Rights.
The federal tally of health data breaches reached a new milestone this week: Since its inception in September 2009, more than 5,000 major incidents have been posted to the Department of Health and Human Services' HIPAA breach "wall of shame."
As controversy grows around the use of Facebook Pixel code and similar tracking tools that harvest sensitive health and other personal data of consumers, so does the pressure from lawmakers demanding answers from tech vendors about those data collection practices.
An inquiry into European Union countries' use of Pegasus spyware is running into national opposition, said Jeroen Lenaers, head of the investigative committee. Pegasus can invoke national security sensitivities, Lenaers acknowledged, but said the inquiry is concentrated on questions of law.
Health insurer EyeMed Vision Care will pay New York regulators $4.5 million to settle an investigation into its 2020 data breach incident. States are becoming more aggressive in applying enforcement actions against data breaches, say regulatory attorneys.
The chief executive of alcohol delivery app Drizly is set to come under a decadelong requirement imposed by the U.S. Federal Trade Commission to ensure whatever company he oversees has an information security program. A hacker stole customer records of 2.5 million individuals from Drizly in 2020.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.