News
Advocate Aurora Health to Pay $12.25 Million Settlement for Data Breach Class Action

In October 2022, Advocate Aurora Health notified three million individuals of a data breach resulting from its use of tracking pixels on its website for tracking website visitor activity. Now, this...

Read more
News
Rhode Island Data Breach Law Amended with Significant Changes

The Rhode Island General Assembly amended the state’s data breach law, known as the Rhode Island Identity Theft Protection Act (Act) that makes significant changes to notification requirements for state and...

Read more
News
EyeMed Pays Four State AGs $2.5M for Data Breach

EyeMed Vision Care, LLC has agreed to settle allegations lodged against it by four state Attorneys General for $2.5 million stemming from a data breach that occurred in 2020 and effected...

Read more
News
MedEvolve OCR Settlement for $350,000 due to Alleged Failures to Protect Data

On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle...

Read more
News
OpenAI Owner of ChatGPT Suffers Data Breach

OpenAI, the developer of ChatGPT, stated that it has suffered a potential data breach in ChatGPT’s source code due to a vulnerability in the software. OpenAI “took ChatGPT offline…due to a...

Read more
News
NYAG Issues Fine Against Law Firm for Data Breach

New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal...

Read more
News
Annual Breach Notification Deadline to OCR Looming

HIPAA requires that covered entities notify the Office for Civil Rights (OCR) of any breaches of unsecured protected health information that affects less than 500 individuals in a calendar year within...

Read more
News
T-Mobile: Leaky API Exposes Data on 37 Million

U.S. Telecommunications giant T-Mobile disclosed on Thursday that hackers obtained data on 37 million customers through a vulnerable API (application program interface). The disclosure was included in an 8-K filing with...

Read more
News
IoCs vs. EoCs: What’s the difference and why should you care?

Security analysts and threat hunters know the importance of IOCs – indicators of compromise. But EOCs - enablers of compromise - are just as important.
The post IoCs vs. EoCs: What’s...

Read more
News
Chinese-Based Hackers Alleged to Have Stolen $20M in COVID-19 Relief Fraud Schemes

According to NBC News and Reuters, the United States Secret Service confirmed that hackers from APT41, a criminal cyber-hacking group linked to the Chinese Communist Party, stole “at least $20 million...

Read more