As part of its ongoing Chapter 11 bankruptcy proceedings, 23andMe Holding Co. - now named Chrome Holding - has reached a settlement with its cyber insurers for the carriers to buy back $16.5 million of the consumer genetics testing firm's unused cyber policy. What will the company do with the funds?
Kaiser Permanente has agreed to pay up to $47.5 million to settle litigation stemming from its use of tracking codes in its websites, patient portals and mobile apps. Claimants alleged the trackers unlawfully shared patients' information with third parties, including Google and Microsoft.
The state of Texas has dropped a federal lawsuit filed against the U.S. Department of Health and Human Services that sought to vacate the 25-year-old HIPAA privacy rule, as well as 2024 rule changes under the Biden administration that prohibit the disclosure of reproductive health information.
The U.S cyber defense agency issued an alert outlining how commercial spyware and state-aligned groups are abusing messaging-app features through malicious QR-based linking and zero-click exploitation to monitor U.S. government, military and other high-profile figures.
While information blocking regulations were authorized under the 21st Century Cures Act nearly a decade ago, regulators are only starting to ramp up enforcement of the prohibited practices. Attorney Nan Halstead of Reed Smith explains critical steps organizations need to take to comply.
Security researchers were able to scoop up the telephone numbers of billions of WhatsApp users through an enumeration tool provided by app owner Meta. The sheer quantity of leaked numbers - 3.5 billion in total - would amount to "the largest data leak in history."
Omni Family Health, a California nonprofit network of community health centers, has agreed to pay $6.5 million to settle proposed class action lawsuits related to a 2024 hack that may have exposed the personal information of nearly 470,000 current and former patients and employees on the dark web.
The sensitive health and genomics data of 1 million Americans used by a National Institutes of Health research project could be at risk for access or theft by bad actors, including foreign adversaries, a government watchdog group. Security weaknesses discovered in an audit are being addressed.
FIs face rising cyber complexity as threat actors evolve and insurers raise the bar. David Anderson, vice president of cyber at Woodruff Sawyer, a Gallagher company, explains how proactive defense, governance and privacy controls define the new economics of cyber risk.
Ransomware gang Clop has claimed the United Kingdom's National Health Service among its latest victims. The NHS confirmed that it is listed on a cybercriminal group's dark website, but did not comment on Clop's claims. The hack attack appears tied to Oracle E-Business Suite exploits.
The way you use your walk - specifically when striding through a Wi-Fi field shaped by directional antennae - can reveal who you are, found researchers who investigated the surveillance potential of wireless routers. "Every router is a potential surveillance device," say researchers.
A California-based vendor of software used to collect and analyze student data, including records of children with disabilities and special educational needs, has been fined a total of $5.1 million by the attorneys general in three states in the wake of a 2021 hack that affected 3 million people.
Sen. Bill Cassidy, R-La., a physician and chair of the Senate health committee, has proposed legislation that aims to create parallel HIPAA-like privacy protections to more types of health data - such as data collected by consumer wearable devices and health apps - not currently covered under HIPAA.
A Department of Homeland Security move to broaden an immigration verification database into a voter verification tool could expose sensitive information to security threats. Critics caution it accelerates a pattern of data being repurposed by the Trump administration for surveillance.
Proposed federal class action litigation and various investigations are piling up against Conduent Business Solutions following its recent public disclosure that an October 2024 hacking incident potentially compromised personal and health information of more than 10.5 million people.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
