We bring to your attention a sampling of recent media stories involving cyber risk & privacy liability. Among the stories we’re highlighting this month: Broward Health Network Breached, Capital One Cyber Settlement to Cost $190 Million, N Korean hackers stole $1.7 billion from cryptocurrency exchanges, Jackson Public Schools Ups Cybersecurity after Hacker Attack, and more.
Healthcare
Broward Health Network Breached, Hacker Gains Access to Private Patient Information
Data breach included social security numbers, bank information, addresses and insurance and medical information. Click to read entire article
Top 10 healthcare breaches in the U.S. exposed data of 19 million
The healthcare sector has been the target of hundreds of cyberattacks this year. A tally of public data breach reports so far shows that tens of millions of healthcare records have been exposed to unauthorized parties. Click to read entire article
NJ Acting Attorney General Announces $425,000 Fine to Settle Breach Investigation
On December 15, 2021, the New Jersey Acting Attorney General Andrew J. Bruck announced that its Division of Consumer Affairs had reached a $425,000 settlement with New Jersey-based providers of cancer care, Regional Cancer Care Associates LLC, RCCA MSO LLC and RCCA MD LLC (collectively, “RCCA”), over alleged failures to adequately safeguard patient data. Click to read entire article
Financial Services
Settlement Alert – Capital One Cyber Settlement to Cost $190 Million
Capital One Financial Corp. agreed to pay $190 million to settle a class-action lawsuit that customers filed against the firm after a hacker broke into its cloud-computing systems and stole their personal information. Click to read entire article
Settlement Alert – Morgan Stanley to settle data breach lawsuit for $60M
Morgan Stanley will be settling its data security lawsuit filed by its customers by agreeing to pay $60 million. The complainants said the investment banking company failed to properly pull out some of its outdated information technology, and this led for their personal data to be exposed. For the settlement, each of the customers can apply for a repayment of up to $10,000 in out-of-pocket losses. Click to read entire article
Class Action Alert – Robinhood Markets, Inc
Wolf Haldenstein Adler Freeman & Herz LLP announces that a securities class action lawsuit has been filed against Robinhood Markets, Inc. in the United States District Court for the Northern District of California. On November 8, 2021, after the markets closed, Robinhood revealed that it had suffered a “data security incident” on November 3, 2021, in which an unauthorized third party had gained access. Click to read entire article
eCommerce
Pulse TV reports about 200,000 credit card credentials hacked
PulseTV, a popular e-commerce site in the United States, has revealed a data security incident involving over 200,000 credit card numbers. Click to read entire article
Cybercurrency
N Korean hackers stole $1.7 billion from cryptocurrency exchanges
The government-backed hackers from North Korea have stolen around $1.7 billion worth of cryptocurrency from different exchanges during the past five years, claim reports published by local South Korean media outlets Chosun and Newsis. Click to read entire article
Hacker Exploits Vulnerability To Steal 801,601 MATIC Tokens From Polygon
Polygon network, home to the popular MATIC token, has announced that its platform was exploited by an attacker to steal funds. It is now the latest in a long line of platforms that have announced that they have fallen victim to attacks where the hacker has been able to make off with tokens. Click to read entire article
Public Entity
Brown County received notification of a breach when computer system shut down in August
Emergency Management Director Scott Meints said the incident started on Aug. 1 when the county’s information technology department received a notification that an external agency had set up malware to activate and/or extract data from the county computer system. Click to read entire article
In Rhode Island, a perplexing data breach has prompted an inquiry by the Attorney General
On December 21, RIPTA issued a warning stating that it initially discovered a “security problem” on August 5. Between August 3 and August 5, RIPTA found that data had been stolen from their computers. Social Security numbers, residences, dates of birth, Medicare identification numbers and qualifying information, health plan member identification numbers, and claims information were all included in the data about RIPTA health plans. Click to read entire article
Jackson Public Schools Ups Cybersecurity after Hacker Attack
Jackson Public Schools officials say attackers sought to encrypt files and have the district pay a ransom to return the files, WJTV reports. Click to read entire article
EU/UK
UK Police Data Leaked to Dark Web; Russian Hackers Hold 13 Million Records to Ransom
After an apparent refusal to pay a ransom demand, Russian hackers have leaked a sampling of 13 million records of UK police data to the dark web in retaliation. Click to read entire article
Asia Pacific
Twitter Accounts Of Indian Medical Association, Council Of World Affairs Hacked
Twitter Accounts of the Indian Medical Association, the Indian Council of World Affairs and Mann Deshi Mahila Bank were hacked last night, with the account being renamed as Elon Musk to lure people into fake crypto traps. Click to read entire article
Sporting goods company issued warning for data protection breach
The Personal Data Protection Commission (“the Commission”) issued a Warning to Specialized Asia Pacific Pte. Ltd. (“SAP”) for breach its personal data protection obligations under Section 24 of the Personal Data Protection Act (“PDPA”) Specialized Asia Pacific Pte. Ltd. is a wholesale company of sporting products and equipment including bicycles and healthcare equipment, established in 2009 in Singapore. Click to read entire article
Data leak: 1.9 mln Vietnam crypto app users at risk
Personal data of 1.92 million users of Vietnamese digital currency app Onus has been leaked due to a security breach. Click to read entire article
