LATEST POST
HHS Office for Civil Rights Imposes a $1,500,000 Civil Money Penalty Against Warby Parker in HIPAA Cybersecurity Hacking Investigation
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1,500,000 civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of prescription and non-prescription eyewear, concerning violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, following the receipt of a breach […]
StopRansomware: Ghost (Cring) Ransomware
From a joint advisory by CISA and the FBI: The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)— (“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Beginning early […]
Judge Sets Deadline for Motions to Dismiss Claims in Change Healthcare Data Breach Lawsuits
The HIPAA Journal reports: A District Court Judge has set a March 2025 deadline for Change Healthcare to file motions to dismiss certain claims raised in multiple complaints in response to its February 2024 ransomware attack and data breach. In February 2024, Change Healthcare suffered a ransomware attack that resulted in file encryption and the […]
Australian IVF Giant Genea Discloses Cybersecurity Incident Exposing Company Data
TechNadu reports: Genea, one of Australia’s leading fertility service providers, has revealed a cybersecurity breach that disrupted patient services and raised concerns about the potential exposure of sensitive information. The company, which operates 21 clinics nationwide, confirmed the incident in a statement on its website on Wednesday. While Genea confirmed that an unauthorized party accessed its data, […]
Venture capital giant Insight Partners hit by cyberattack
Bleeping Computer reports: New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack. The company manages over $90 billion in regulatory assets and has invested in over 800 software and technology startups and companies worldwide during its 30 years of activity. […]
Finastra Starts Notifying People Impacted by Recent Data Breach
SecurityWeek reports: British fintech giant Finastra last week started sending written notifications to individuals who had their personal information stolen in a data breach. The incident came to light in mid-November 2024, after a threat actor offered on an underground forum data allegedly stolen from the company’s systems. The hacker claimed the theft of 400 gigabytes […]
Palo Alto Networks warns of another firewall vulnerability under attack by hackers
TechCrunch reports: U.S. cybersecurity giant Palo Alto Networks has warned that hackers are exploiting another vulnerability in its firewall software to break into unpatched customer networks. Attackers are exploiting a recently disclosed vulnerability in PAN-OS, the operating system that runs Palo Alto Networks firewalls, the California-based company confirmed on Tuesday. Cybersecurity firm Assetnote first discovered the vulnerability, […]
Pro-Russian hackers attack Italian websites after president compares invasion of Ukraine to Nazis
Associated Press reports: A pro-Russian hacker group attacked Italian government websites on Tuesday in what it said was a reaction to a speech by Italian President Sergio Mattarella that compared Russia’s invasion of Ukraine to the Nazis ‘ “wars of conquest.” The NoName57 hacker group, which announced the attacks on social media, hit the websites of the defense, interior and transport ministries, as […]