A Guess retail store. (N509FZ, CC BY-SA 4.0 https://creativecommons.org/licenses/by-sa/4.0, via Wikimedia Commons) Following news that noted fashion brand Guess suffered a data breach in which personal information may have been stolen, cybersecurity experts on Tuesday said that retailers should take this case as motivation to lock down their cyber defenses. News of the breach was first reported by BleepingComputer on Monday, though DataBreaches.net had previously reported that the DarkSide ransomware group had listed Guess on their data leak site in April. It’s certainly possible that the repo ..read more

University Medical Center of Southern Nevada is among the list of providers that reported a breach of health care information in the last week. (University of Nevada School of Medicine, Las Vegas) Practicefirst Medical Management Solutions and PBS Medcode recently notified 1.2 million patients that their data was accessed and stolen from its network, ahead of a ransomware attack deployed on Dec. 25, 2020. Praticefirst is a medical management company tasked with data processing, billing, and coding services for health care providers. On Dec. 30, the vendor discovered an attacker attempting to d ..read more

Kroger reached a $5 million lawsuit settlement with individuals impacted by a breach reported in February, as the Supreme Court hands down a decision on who can seek damages when a breach occurs. Here, a Kroger pharmacy personnel administers a vaccine. (PRNewsfoto/The Kroger Co.) Kroger reached a $5 million lawsuit settlement with individuals impacted by a breach reported in February. The settlement was the third legal action tied to a health care data breach this week, shedding light on the rise in breach-related lawsuit trends in the sector in the last few years. Meanwhile, the June 21 Supre ..read more

A patient receives an eye exam at a free health clinic. The health plan administrator Dominion National reached a $2 million settlement with the 2.9 million patients affected by a data breach. (Photo by John Moore/Getty Images) Insurance giant Dominion National reached a $2 million settlement with the 2.9 million patients affected by its nine-year data breach, first reported in 2019. The security incident was the second-largest breach reported to the Department of Health and Human Services that year. The settlement will provide each individual with up to $300 for out-of-pocket expenses stemmin ..read more

An exterior view of the Anthem Health Insurance headquarters. About 80 million company records were accessed in one of the largest health care data breaches. The company was hit with $16 million in fines tied to HIPPA violations in security and notification requirements. Anthem paid far more to settle a class action lawsuit and actions by state attorneys general in different U.S. states. (Photo by Aaron P. Bernstein/Getty Images) Navigating a breach response, managing the public relations crisis that often results, and eradicating hackers from the network takes a careful balance of requirement ..read more

Clout IT hosting company Netgain is is one of a number of vendors that experienced a breach that hit the health care community in the first half of 2021.(“File:NetGain Technologies.png” by Emily.cedargren is licensed under CC BY-SA 3.0) In 2021, the 10 largest reported health care data breaches, so far, have compromised the protected health information of nearly 16 million patients. It’s a staggering statistic on its own, considering there have been a host of other security incidents impacting more than 100,000 individuals that did not make the ongoing list. To put it in pe ..read more

A patient receives an eye exam at a free health clinic. A ransomware attack on an Iowa-based eye clinic earlier this year led to the access and possible theft of data belonging to 500,000 patients.(Photo by John Moore/Getty Images) A ransomware attack on Iowa-based Wolfe Eye Clinic earlier this year led to the access and possible theft of data belonging to 500,000 patients. While the initial cyberattack occurred in February, the complexity and scope of the incident was not determined until May 28. The security team observed an unauthorized individual attempting to access the network on Feb. 8 ..read more

Facebook co-founder, Chairman and CEO Mark Zuckerberg arrives to testify before the House Energy and Commerce Committee in Washington, DC. Facebook got some criticism of response when personal information of some 533 million Facebook users from 106 countries were exposed. (Photo by Chip Somodevilla/Getty Images) An important and often mandatory step in the incident response process is notifying your customers and the general public that an attack has transpired. There are important considerations when taking such an action. After all, there are some mistakes you should absolutely never make ..read more

The intrusion into Metropolitan Transportation Authority (MTA) systems in New York City Wednesday happened through a Pulse Secure zero day leveraged by Chinese threat actors. (MTA) The intrusion into Metropolitan Transportation Authority (MTA) systems in New York City Wednesday happened through a Pulse Secure zero day leveraged by Chinese threat actors. According to published reports, the MTA’s computer systems were penetrated in April, exposing vulnerabilities in the transportation network. A follow-up investigation by Mandiant found that the hackers did not gain access to the systems that co ..read more

The JBS meat packing plant in Greeley, Colorado. (Photo by Matthew Stockman/Getty Images) The North American and Australian IT systems of JBS, the largest meat processing company in the world, were the target of “an organized cybersecurity attack,” the company said in a statement Monday, confirming that its customers and supply chain could be impacted.  The incident is the latest example of a company forced to shut down portions of operations in an attempt to stop the bleeding from a cybersecurity attack. It also comes close on the heels of another high-profile cr ..read more