Atlanta-based staffing agency Insight Global agreed to pay $2.7 million to settle alleged False Claims Act violations for failing to provide adequate cybersecurity on Covid-19 contract tracing data.
Cybersecurity
Posted inRisk Management
State AGs tell UnitedHealth to do more in cyberattack aftermath
UnitedHealth Group’s response to a major cyberattack in February that wreaked havoc with medical payments nationwide has been “inadequate” and must be improved immediately, a group of 22 state attorneys general told the company.
Posted inRisk Management
Mobile health apps must follow FTC breach notice rule after update
Mobile health applications and similar technologies must notify customers following a data breach or risk violating the Federal Trade Commission’s health breach notification rule.
Posted inEurope
Czech DPA fines Avast $15M over GDPR violations
The Czech Republic’s data protection authority issued a fine of 351 million Czech koruna (U.S. $15 million) against antivirus software vendor Avast for alleged violations of the General Data Protection Regulation.
Posted inRisk Management
Change Healthcare cyberattack updates detail massive impact, costs
The massive cyberattack on Change Healthcare has potentially compromised the personal and protected health information of an untold number of Americans, according to parent company UnitedHealth Group.
Provided by
Automate to Accelerate: Overcoming Staffing and Compliance Challenges in Cyber Risk Management
Spending countless hours tracking down controls evidence for your audit and compliance activities is an annoyance at best and a major drag on productivity and effectiveness at worst.
Posted inRisk Management
AT&T: Data leak exposed info of 73M customers onto dark web
AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.
Posted inRisk Management
CISA teases cyber incident reporting rule for critical infrastructure
Financial businesses and other critical infrastructure entities would have to report significant cybersecurity and ransomware incidents to the federal government under a new rule that will be proposed by the Cybersecurity and Infrastructure Security Agency.
Posted inEurope
Deutsche Bank dinged $54K over IT incident reporting
Deutsche Bank was assessed a penalty of €50,000 (U.S. $54,000) by Germany’s financial supervisory authority for its alleged miscommunication of a 2023 information technology security incident.
Posted inEthics & Culture
Departing ABN AMRO risk chief says climate, cyber among priorities
Tanja Cuppen, chief risk officer of ABN AMRO, shared her view on the Dutch bank’s biggest risk focus areas and the accomplishments of her tenure a month ahead of her planned departure.
