News - The Data Breach Times

September 11, 2023

1381 views 5 mins 0

L.A. Care Healthplan settles HHS OCR charges stemming from multiple violations for $1.3 million and corrective action plan

Today, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Rules with LA Care, the nation’s largest publicly operated health plan that provides health care benefits and coverage through state, federal, and commercial programs. OCR enforces the HIPAA […]

Data Breach News, News

September 11, 2023

2298 views 16 secs 0

Dissecting the MOVEit breach: Lessons learned from the ransomware attack

The MOVEit data breach, discussed in an earlier post, continues to make headlines. As SDX reports: Orchestrated by ransomware gang CL0P exploiting a zero-day vulnerability, it is now considered one of the largest hacks of 2023 — and potentially in recent history. To date, it is known to have impacted more than 1,150 organizations and nearly 56 million individuals, […]

News, Healthcare, Legal News

September 07, 2023

1293 views 4 mins 0

Schneck Medical Center Settles State’s Lawsuit Over 2021 Data Breach

In September 2021, Jackson County Schneck Memorial Hospital (Schneck Medical Center) in Indiana disclosed that they had been a victim of a cyberattack. Their first statement is no longer available on their website but was archived by a news site. That statement did not disclose that personal and protected health information had been accessed and […]

News, Legal News

August 29, 2023

4954 views 10 mins 0

Data Breach Notification Laws

One, in the absence of any specific law or regulation the person who was hacked is not required to notify anyone, including the people whose information was accessed, that their information was compromised. That is why access to the below specific notification requirements is critically important. Two, if there is a requirement to notify people […]

News, Vendor News

August 28, 2023

9617 views 9 mins 0

Vendors to be(a)ware of

After it has been determined that a breach has taken place, there are various tasks that need to be done that are usually not in the sweet spot of the person that has been breached. Several vendors pretend they have a vertically integrated, one stop shop, solution. They don’t. They use third-party vendors who hide […]

News, New Threats

August 27, 2023

7577 views 7 mins 0

Etiology of a Breach

Most data breaches involve some level of victim human error, which theoretically employee training can address. Human error can take the form of clicking on a link, where the email address of the sender is unknown to the person clicking on the link. Malware then enters the scene. Another common human error scenario involves phishing […]