A U.S. federal judge mostly stopped from going into effect a newly-enacted California law restricting the use of election-related deepfakes, ruling Wednesday the statute likely violates American freedom of speech guarantees. The legislation "acts as a hammer instead of a scalpel," the judge wrote.
In the latest weekly update, ISMG editors discussed recent international law enforcement efforts against Russian cybercrime organizations, the latest U.S. cybersecurity bill aimed at protecting the healthcare sector and key takeaways from ISMG's Canada Summit.
A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records.
A clinic in Hawaii is notifying 124,000 patients that their health data was potentially compromised in a May hack. LockBit 3.0 claims to have published the stolen records on its data leak site in June - months before global authorities this week disclosed a crackdown on the cybercrime gang.
California-based Graybill Medical Group physicians' practice says it's splitting up with its affiliate practice, Palomar Medical Group, which handles a variety of management services, because the firm allegedly provided an "inadequate" response to a cyberattack detected in May.
Two U.S. senators are proposing stricter cyber mandates for the healthcare sector. The bill provides funding to help hospitals adopt enhanced requirements, but lifts HIPAA enforcement fine caps and threatens executives with prison time for falsely attesting their organizations' compliance in audits.
As cyber fraud against senior citizens rises, at least four U.S. states are considering new legislation to fill the gaps in fraud protection normally covered by the federal Consumer Financial Protection Bureau. The bills would protect seniors by empowering banks to block suspicious transactions.
Genetics testing firm 23andMe will offer cash payments to millions of individuals whose sensitive data was compromised in a 2023 credential stuffing incident. Under the proposed $30 million lawsuit settlement, affected customers will also be offered dark web monitoring of their genetic data.
A Pennsylvania-based healthcare system that was hacked by ransomware group BlackCat in 2023 and extorted over stolen exam photos of breast cancer patients posted to a data leak site has agreed to pay $65 million under a proposed settlement of a lawsuit affecting 134,000 patients and employees.
Apple has filed a motion to dismiss its lawsuit against NSO Group, citing concerns over the potential exposure of sensitive threat intelligence information. The tech giant believes continuing the lawsuit could compromise its ability to protect users and lead to the disclosure of sensitive data.
Cybersecurity firm CrowdStrike has yet to see any lawsuits get filed against it by customers, following its July 19 faulty software update crashing systems worldwide. Does that speak to the company having run a well-executed crisis management strategy?
Texas Attorney General Ken Paxton is suing the Biden administration, alleging that "unlawful" HIPAA Privacy Rule regulations are hindering the state's law enforcement investigations into abortion cases and other reproductive health care cases.
The Department of Health and Human Services has dropped its appeal of a recent federal court decision saying that HHS exceeded its authority in warning HIPAA-regulated entities that it's unlawful to use online tracking tools to capture certain identifiers in user visits to health-related websites.
A vendor that provides information systems and transcription services to radiology practices is alerting 411,037 people of a hack discovered last December involving the theft of sensitive data. The firm already faces at least four proposed federal class action lawsuits related to the hack.
Brazil has begun blocking domestic access to social platform X - including criminalizing access by Brazilians who might use a VPN - after the company failed to comply with court orders tied to combating disinformation campaigns, and a law requiring it has a legal representative in the country.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.