The Department’s Office for Civil Rights seeks to update HIPAA Security Rule for the first time since 2013 Source: U.S. Department of Health and Human Services, December 27, 2024
Commercial News- Danville reports a phishing attack on April 25 successfully gained access to a number of Illinois Department of Human Services (IDHS) employees’ email accounts. The result was more than 1 million people had their information accessed. More than 4,700 people — three of whom were employees — had their Social Security numbers in […]
In early January, loanDepot posted a message on its site about a cyberattack that resulted in it taking its systems offline. In February, BlackCat threat actors claimed responsibility for the attack while loanDepot began notifying almost 17 million customers. Now National Mortgage News reports that a settlement is pending approval by a federal court judge: […]
Merry Christmas, Happy Chanukah, and Happy Kwanzaa! Whatever holiday or holidays you celebrate, we wish you a happy one. The Data Breach Times will return on Thursday.
It took them months to update their report, but Ascension has now disclosed how many patients were affected by a ransomware attack they disclosed earlier this year. Bleeping Computer reports: Ascension, one of the largest private U.S. healthcare systems, is notifying nearly 5.6 million patients and employees that their personal and health data was stolen […]
It is the first lawsuit filed by a state attorney general against Change Healthcare over the February breach that affected 100,000 Americans. From the state’s December 16 press release: Download the court filing.
A press release from the DPC explains the penalty:
ADMINISTRATIVE PROCEEDINGFile No. 3-22360 December 16, 2024 – The Securities and Exchange Commission today filed settled charges against Flagstar Bancorp, Inc. (now known as “Flagstar Financial, Inc.”), for making materially misleading statements regarding a cybersecurity attack on Flagstar’s network in late 2021 (the “Citrix Breach”). The SEC’s order finds that Flagstar negligently made materially misleading statements […]
Deloitte has been getting its name in the news this month, but not in a good way. First, a ransomware group named “Brain Cipher” claimed to have attacked Deloitte UK. Deloitte responded to their claims by denying that their network was breached and stating that the breach involved a single client’s system that is not […]
There is an update to the reports of a Cleo file transfer vulnerability being exploited by hackers. Bleeping Computer reports that the same actors who were responsible for the massive MoveIT breach have also claimed responsibility for the Cleo breach: The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo […]
