Dr. James Breit recalled the day a hacker locked up his systems with ransomware at his plastic surgery practice. He paid $53,000 in ransom. Nearly, seven years later, after paying a $500,000 HIPAA fine, Breit claims he got better treatment from the cybercriminals than he did federal regulators.
A Colorado-based pathology laboratory is notifying more than 1.8 million patients that their sensitive information was compromised in an April hack, one of the largest breaches reported by a medical testing lab to U.S. federal regulators to date. Ransomware gang Medusa is blamed for the attack.
An upstate New York-based medical practice must spend $2.25 million to improve its data security practices over the next five years, plus pay state regulators up to a $1 million fine following an investigation into two ransomware attacks days apart in 2023 that affected nearly 224,500 people.
Proofpoint will acquire DSPM startup Normalyze to strengthen its data security offerings across cloud, SaaS and hybrid environments. The company aims to give security teams enhanced visibility, control and human-centric risk reduction for sensitive data across complex infrastructures.
LinkedIn is facing several proposed class action lawsuits filed in recent weeks in California alleging that the company is "intercepting" users' sensitive information related to appointments booked on medical websites through the use of web tracking tools for marketing and advertising purposes.
The Department of Health and Human Service last Friday submitted for White House review long-awaited updates to the 20-year-old HIPAA Security Rule containing modifications aimed at strengthening the cybersecurity of electronic protected health information.
Meta is rolling out facial recognition technology on its social media platforms to spot scam ads featuring celebrity deepfakes. Meta took down 8,000 of the "celeb bait" scam ads. The feature also aims to verify the identities of users locked out of their Facebook or Instagram accounts.
A Michigan-based dental practice with 250 centers across nine states has agreed to pay $2.7 million under a preliminary settlement of a proposed consolidated class action lawsuit centered on a 2023 hacking incident reported as affecting more than 1.9 million patients and employees.
Ransomware gang Rhysida is threatening to dump data on the darkweb that belongs to a Colorado provider of mental health, substance abuse and other healthcare services unless it pays nearly $1.5 million. The group is leaking records it claims to have stolen from a Mississippi nursing home.
General hospitals in New York State must now report cyber incidents to state regulators within 72 hours under new cybersecurity requirements that went into effect on Oct. 2. The hospitals have until next fall to comply with a long list of other security mandates, including appointing a CISO.
Relyance AI raised $32 million in Series B funding to grow its data governance platform. The funds will be used to scale operations, enhance real-time data visibility, and support enterprises in complying with complex global privacy regulations, ensuring responsible AI adoption across industries.
Targeted advertising may face additional restrictions following a ruling by the top European Union court that social media giant Meta cannot indefinitely retain user data. Nor can it use data for advertising "without distinction as to type of data," the European Court of Justice said Friday.
A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records.
The U.K. data regulator fined the Northern Ireland's Police Service 750,000 pounds following a 2023 data breach that exposed personal details of the entire workforce. The U.K. Information Commissioner's Office determined the breach occurred when police attempted to respond to two open records requests.
Four more European Union nations have joined a United States government-led initiative launched in March to tackle spyware misuse globally. The move came amid growing criticism of the European Commission's failure to curb the EU's prolific spyware market.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.