Queen Creek Medical Center (QCMC), also known as Desert Wells Family Medicine, located in Arizona, has notified up to 35,000 patients of a data breach following a ransomware attack that corrupted its medical records system, leading to a loss of a significant number of records.
According to a letter sent to patients, QCMC discovered that
The Office for Civil Rights (OCR) recently announced that it has entered into the 20th settlement under its Right of Access Initiative. The settlement with Children’s Hospital and Medical Center in Nebraska includes an $80,000 payment by the hospital for failing to provide a mother with timely access to her daughter’s medical records.
According
Although executives of organizations report that ransomware is their number one security concern, and 87 percent of them expect an increase in cyber-attacks against their organizations over the next year, only one-third of them said they had conducted a tabletop exercise to prepare for a ransomware attack.
According to a survey of 50 executives, Deloitte
We have noted before how important it is to update the operating system (OS) on your mobile phone as soon as you receive notice from the manufacturer. This week, Apple issued an update to the iOS that is considered urgent.
Apple released two patches this week to address two security vulnerabilities in iPhones, including to
On August 25, 2021, the FBI issued a Flash Alert to warn companies, especially in the health care industry, about the proliferation of attacks by threat actors using Hive ransomware.
According to the Flash Alert, Hive was first observed in June 2021: “Hive ransomware uses multiple mechanisms to compromise business networks, including phishing emails with
When GDPR became effective three years ago, companies took notice of the fines and penalties attached to violations of the stringent privacy law—4 percent of global annual sales. The fines have been racking up, including the most recent one by the Irish Data Protection Commission against WhatsApp—$266 million. WhatsApp is owned by Facebook.
The fine
In a second case against stalkerware apps and the first where the FTC has banned a company from doing business, the FTC announced on September 1, 2021, that it has “banned SpyFone and its CEO…from the surveillance business over allegations that the stalkerware app company secretly harvested and shared data on people’s physical movements, phone
According to a report issued on August 24, 2021, by Unit 42 of Palo Alto Networks Ransomware Groups to Watch: Emerging Threats, four emerging ransomware groups “are currently affecting organizations and show signs of having the potential to become more prevalent in the future.”
The four emerging groups identified by Unit 42 include:
AvosLocker,
Yesterday (August 25, 2021), the Cybersecurity and Infrastructure Security Agency (CISA) issued a fact sheet offering suggestions to government agencies and private companies on how to prevent and respond to a ransomware attack.
The fact sheet, entitled Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches provides organizations with tips to prevent and respond to
As a former Assistant Attorney General, I have a soft place in my heart for Attorneys General as consumer protection advocates. Most state AGs have the primary jurisdiction to enforce compliance with consumer protection laws in their states. Some are more aggressive than others, such as New Mexico Attorney General Hector Balderas, who recently sued