Advocate Aurora Health to Pay $12.25 Million Settlement for Data Breach Class Action
In October 2022, Advocate Aurora Health notified three million individuals of a data breach resulting from its use of tracking pixels on its website for tracking website visitor activity. Now, this...
Rhode Island Data Breach Law Amended with Significant Changes
The Rhode Island General Assembly amended the state’s data breach law, known as the Rhode Island Identity Theft Protection Act (Act) that makes significant changes to notification requirements for state and...
EyeMed Pays Four State AGs $2.5M for Data Breach
EyeMed Vision Care, LLC has agreed to settle allegations lodged against it by four state Attorneys General for $2.5 million stemming from a data breach that occurred in 2020 and effected...
MedEvolve OCR Settlement for $350,000 due to Alleged Failures to Protect Data
On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle...
OpenAI Owner of ChatGPT Suffers Data Breach
OpenAI, the developer of ChatGPT, stated that it has suffered a potential data breach in ChatGPT’s source code due to a vulnerability in the software. OpenAI “took ChatGPT offline…due to a...
NYAG Issues Fine Against Law Firm for Data Breach
New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal...
Annual Breach Notification Deadline to OCR Looming
HIPAA requires that covered entities notify the Office for Civil Rights (OCR) of any breaches of unsecured protected health information that affects less than 500 individuals in a calendar year within...
T-Mobile: Leaky API Exposes Data on 37 Million
U.S. Telecommunications giant T-Mobile disclosed on Thursday that hackers obtained data on 37 million customers through a vulnerable API (application program interface). The disclosure was included in an 8-K filing with...
IoCs vs. EoCs: What’s the difference and why should you care?
Security analysts and threat hunters know the importance of IOCs – indicators of compromise. But EOCs - enablers of compromise - are just as important.
The post IoCs vs. EoCs: What’s...
Chinese-Based Hackers Alleged to Have Stolen $20M in COVID-19 Relief Fraud Schemes
According to NBC News and Reuters, the United States Secret Service confirmed that hackers from APT41, a criminal cyber-hacking group linked to the Chinese Communist Party, stole “at least $20 million...