LATEST POST
Ukrainian hackers claim breach of Russian loan company linked to Putin’s ex-wife
The Record reports: The pro-Ukraine hacking group Cyber Alliance has claimed responsibility for a cyberattack on CarMoney, a Russian microfinance company linked to the former wife of President Vladimir Putin. CarMoney confirmed earlier this week that it had suffered a cyber incident, forcing it to shut down all systems after attackers sent spam messages to customers claiming the company […]
Nude photos of Beverly Hills plastic surgery patients exposed in data hacks, lawsuit alleges
The Los Angeles Times reports: A celebrity Beverly Hills plastic surgeon, who has appeared on television shows including “Botched” and “The Doctors,” is being sued by patients who allege that their nude photos were published online after he was hacked — twice — and that he waited months to inform them of the data breaches. […]
New York’s Health Information Privacy Act Poised to Become the Latest in a Growing Trend of State Data Privacy Laws
Seen at Epstein Becker Green’s Health Law Advisor: New York State appears poised to become the fourth state to explicitly regulate consumer health data not covered by the federal Health Insurance Portability and Accountability Act (HIPAA). In May of 2023, Washington State enacted the My Health My Data Act; in June of 2023, Connecticut amended […]
HHS Office for Civil Rights Imposes a $1,500,000 Civil Money Penalty Against Warby Parker in HIPAA Cybersecurity Hacking Investigation
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1,500,000 civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of prescription and non-prescription eyewear, concerning violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, following the receipt of a breach […]
StopRansomware: Ghost (Cring) Ransomware
From a joint advisory by CISA and the FBI: The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)— (“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Beginning early […]
Judge Sets Deadline for Motions to Dismiss Claims in Change Healthcare Data Breach Lawsuits
The HIPAA Journal reports: A District Court Judge has set a March 2025 deadline for Change Healthcare to file motions to dismiss certain claims raised in multiple complaints in response to its February 2024 ransomware attack and data breach. In February 2024, Change Healthcare suffered a ransomware attack that resulted in file encryption and the […]
Australian IVF Giant Genea Discloses Cybersecurity Incident Exposing Company Data
TechNadu reports: Genea, one of Australia’s leading fertility service providers, has revealed a cybersecurity breach that disrupted patient services and raised concerns about the potential exposure of sensitive information. The company, which operates 21 clinics nationwide, confirmed the incident in a statement on its website on Wednesday. While Genea confirmed that an unauthorized party accessed its data, […]
Privilege Under Pressure: The Shifting Data Breach Investigation Landscape
From the law firm of Greenberg Traurig: Read more about recent federal cases that are posing challenges to claiming attorney-client privilege or work product doctrine at The National Law Review.