Indianapolis, Indiana-based Eskenazi Health has acknowledged that hackers stole some data and posted it on the darkweb after a ransomware attack. But the organization says it's not yet determined if individuals need to be notified because its investigation is still underway.
Why did an Atlanta-based medical specialty practice appear to wait up to seven months to notify thousands of individuals affected by a security incident "identified" in January?
Australia's data regulator says organizations hit by ransomware may be underreporting data breaches because they haven't thoroughly figured out if data was taken. But an "absence of evidence" of a data breach in a ransomware attack isn't sufficient to declare that no data was taken.
The latest edition of the ISMG Security Report features an analysis of the cybercrime-as-a-service model and how law enforcement could potentially disrupt it. Also featured: T-Mobile probes a massive data breach; tackling abuse in the workplace.
T-Mobile USA says its massive data breach is worse than it first reported: The count of prepaid and postpaid customers whose information was stolen has risen to 14 million. Also revised upward: its count of 40 million exposed credit applications from former customers and prospects.
Several ransomware incidents have been added to the federal tally of major health data breaches in recent weeks, with no signs of these attacks abating.
T-Mobile USA has confirmed that its systems were breached and that details for 7.8 million current T-Mobile postpaid customers and 850,000 prepaid customers as well as records for 40 million individuals who applied for credit were stolen.
Three banking trade groups are objecting to provisions of a bill now pending in Congress that would require security incident reporting within 24 hours of discovery. They also are raising concerns about other provisions.
When is a data exposure not just a data exposure? According to a U.S. Securities and Exchange Commission order, education publishing giant Pearson misled investors when it failed to proactively inform them that attackers had stolen millions of rows of student information, including poorly hashed passwords.
The ransomware attack that targeted Colonial Pipeline Co. in May compromised the personal information of more than 5,800 individuals, mainly current and former employees, according to a breach notification letter.
A Houston-based gastroenterology practice notified all 162,000 of its patients and employees that their information had potentially been compromised in a January ransomware incident, saying it would have been too costly and time-consuming to pinpoint which individuals had data exposed. Was that the right move?
In the wake of a recent cyberattack on UF Health Central Florida that disrupted access to patients' electronic health records for about a month during recovery, the entity is now reporting the incident also exposed patient information.
Several recent health data breaches involving vendors - including more reports related to the Accellion file transfer appliance hack - show that managing vendor security risks remains a difficult ongoing challenge in the healthcare sector.
An Orlando-based family physicians' practice is notifying nearly 450,000 patients, employees and others about a phishing incident tied to a financial fraud attempt.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.