Who's responsible for the data breaches experienced by customers of the data warehousing platform Snowflake due to credential stuffing attacks? While users have security responsibilities, multiple platforms - including Snowflake - have shortcomings they must urgently address.
An ex-employee of Microsoft's Nuance Communications unit is at the center of a 2023 data breach that affected more than 1 million patients of Pennsylvania-based healthcare system Geisinger. The Department of Justice has criminally charged the former Nuance worker in the incident.
Change Healthcare says it has begun to notify customers whose data was compromised in the February ransomware attack that affected scores of healthcare providers, health insurance plans and other organizations. The company will begin to notify affected individuals in late July.
In the latest weekly update, ISMG editors discussed critical infrastructure security challenges, a report on the 2022 Medibank breach compromising personal data for 10 million people, and Fortinet's acquisition to integrate Lacework's cloud-native security into its Security Fabric and SASE platform.
A Minnesota-based radiology practice is notifying more than 500,000 individuals that their information was accessed and potentially acquired by hackers. The incident is one of several major health data breaches reported by radiologists in recent months as affecting hundreds of thousands of patients.
Medibank's lack of MFA on its global VPN allowed a hacker to use credentials stolen from an IT services desk contractor to access the private health insurer's IT systems in 2022, leading to a dark web data leak affecting 9.7 million individuals, Australian regulators said in court documents.
Two U.S. senators are demanding UnitedHealth Group report a HIPAA breach and notify affected individuals no later than June 21, alleging the company is already violating HIPAA by dragging out the notification process in the aftermath of the Feb. 21 cyberattack on Change Healthcare.
A financially motivated hacker claims to have stolen over 34 gigabytes of data belonging to Singapore-based Telecom company Absolute Telecom. The hacker dubbed GhostR claims to have access to the company's data including corporate accounting, credit cards and customer information.
SecurityScorecard accused Safe Security and former employee Mary Polyakova in a civil complaint of stealing confidential customer information and engaging in unfair competition. The lawsuit seeks to protect SecurityScorecard's trade secrets and recover monetary damages.
Tens of thousands of hospitals and medical practices can breathe a little easier now. Federal regulators have given the green light for Change Healthcare to handle the breach notification to tens of millions of individuals affected in a February cyberattack. But the devil is in the details.
A Nebraska firm that provides medication benefits management and pharmacy services is notifying more than 2.8 million individuals of an October 2023 hacking incident involving the potential theft of their personal information, including Social Security numbers. Did the company pay a ransom?
An Illinois-based air-ground ambulance company is notifying more than 858,000 individuals that their sensitive information was compromised in a hacking incident that happened about a year ago. The breach is the latest hack on an ambulance company reported to regulators in recent weeks.
More than 100 medical associations and industry groups representing tens of thousands of U.S. doctors and healthcare professionals have banded together to urge federal regulators to hold Change Healthcare responsible for breach notifications related to a massive February ransomware attack.
Hollywood megastar Scarlett Johansson said a voice built into OpenAI's new GPT-4o is "eerily similar" to her own, despite her declining the company's request to lend it her voice. While AI firms have a penchant for moving fast and breaking things, how far can their appropriation go?
A Texas-based firm that provides health plan administration services is notifying more than 2.4 million individuals of a hacking incident and data theft that happened more than a year ago. Why did it take WebTPA so long to report that a breach occurred?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.