Stay up-to-date on what is happening with privacy laws, as well as stories about leaks of private information from security breaches in the public and private sector. Ironwall by Incogni has provided emergency services to individuals, businesses, police organizations and courts in the wake of hacking incidents and ransomware attacks.
Last updated: November 20, 2024
To Our Friends in the Media
If you are a member of the media and would like more information about any of these stories, or input from our CEO on privacy laws, the danger of privacy hacks, or how online privacy protection works, please contact us at [email protected].
Phishing and Ransomware Attacks
Ransomware Attack on Oklahoma Medical Center Impacts 133,000
Great Plains Regional Medical Center in Oklahoma is notifying over 133,000 individuals that their personal information was compromised in a ransomware attack.
Cyber insurance demand surges as ransomware targets businesses of all sizes
As more companies begin to understand their exposure, Ritchie sees an increasing uptake in cyber insurance policies. However, the process of convincing businesses to invest in cyber coverage often involves educating them on the specific vulnerabilities they face. One effective method is to present potential clients with a detailed analysis of their risk profile.
Aspen Healthcare Services Announces Data Breach Following Ransomware Attack
On November 18, 2024, Aspen Healthcare Services (“Aspen Healthcare”) filed a notice of data breach with the Attorney General of Texas after discovering that the company was targeted in a ransomware attack. In this notice, Aspen Healthcare explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, dates of birth, addresses, insurance IDs, health records, and Social Security numbers.
Phishing scheme led to $2.2 million taken from Grand Forks Public Schools
The business manager of Grand Forks Public Schools said Monday the $2.2 million swindled from the district earlier this year was taken in a phishing scheme. In a phishing attack, attackers deceive employees into revealing sensitive information or installing ransomware or malware.
Columbus, Ohio Notifies 500,000 of Data Breach from Ransomware Attack
According to Security Week, the ransomware group posted the city’s data on the dark web, including individuals’ names, addresses, dates of birth, bank account information, driver’s license information, Social Security numbers, and other identifying information. Columbus reported to the Maine Attorney General that it is notifying 500,000 individuals that their personal information was affected by the incident, and is offering those who are affected 24 months of credit monitoring and dark web monitoring.
Houston Housing Authority Grapples with Dual Crises, Ransomware Attack Amid Alleged Fiscal Misconduct Scandal
The Houston Housing Authority (HHA) finds itself ensnared in a digital chokehold, a ransomware attack has breached its network. The cyber intrusion occurred over a month ago, on September 22. Yet, amid inquiries, the full scope of compromised accounts remains undisclosed by HHA, as KPRC 2 Investigates reported.
Phishing attacks continue to wreak havoc for average Americans
According to the Comcast Business 2024 Cyber Security Threat Report, 2.6 billion phishing interactions were detected by Comcast Business in 2023. That same report indicated that the general public should not consider a phishing attack to be a vague possibility. They should consider it an inevitable threat.
LA housing authority admits data breach following ransomware attack
The Housing Authority of the City of Los Angeles (HACLA) has suffered its second ransomware attack in as many years. Threat actors known as Cactus added HACLA to its data leak website, claiming to have stolen 891 GB of files from the organization. The archives reportedly include, "personal Identifiable Information, actual database backups, financial documents, executives\employees personal data, customer personal information, corporate confidential data and correspondence.”
City of Columbus: Data of 500,000 stolen in July ransomware attack
The City of Columbus, Ohio, notified 500,000 individuals that a ransomware gang stole their personal and financial information in a July 2024 cyberattack. Ohio's capital city (with a population of over 905,000) was hit by the ransomware attack on July 18. The resulting outages affected various services and IT connectivity between public agencies. City officials announced at the end of July that no systems had been encrypted and revealed that the City's administration was still investigating the possibility that sensitive data had been stolen during the breach.
UnitedHealth Ransomware Attack Exposed 100 Million People
Data on over 100 million people was exposed because of the ransomware attack on UnitedHealth subsidiary Change Healthcare earlier this year, according to a document from the US Department of Health and Human Services' Office for Civil Rights. Personal information like names and physical addresses, birth dates, Social Security numbers, driver's license numbers, and passport numbers were stolen in the breach, along with contact information like phone numbers and email addresses. Medical data was also stolen, along with some financial and banking data that appeared on various records.
Threats Against Judges
Texas woman pleads guilty to threatening judge in Trump's election case
A Texas woman pleaded guilty on Wednesday after being charged with threatening to kill individuals including the federal judge overseeing the 2020 election subversion criminal case against Republican President-elect Donald Trump.
Man who threatened Chester County judge and attorneys won’t represent self at upcoming trial
A Luzerne County man who allegedly threatened to harm a Chester County Common Pleas Court judge, a county prosecutor, and his own attorney in anger over the pace of criminal charges he faces in connection with accusations he physically assaulted and stalked a former girlfriend has decided to abandon plans to represent himself at his upcoming trial.
Illinois man ordered detained in threats against federal judge in St. Lucie County
n Illinois man was ordered detained on federal charges he threatened a federal judge in St. Lucie County, which is part of the Southern District of Florida. According to allegations in the six-count indictment, Eric James Rennert transmitted threats on May 25, May 28 and July 24 of injuring and kidnapping a U.S. judge and the family of the federal judge, with the "intent to impede, intimidate, and interfere with the judge while engaged in the performance of official duties."
Imprisoned man gets extra time for graphically violent threats against federal judge
A federal judge on Thursday sentenced an incarcerated man to 10 additional years in prison after he admitted making repeated threats to a judge and former probation officer and threatening to blow up the Thomas F. Eagleton Federal Courthouse in downtown St. Louis. In recommending the maximum sentencing allowable, Weinhoeft described Russell as a lifelong criminal who harbors an “obsessional hatred” for the sentencing judge and wrote consistently about “dark fantasies of retribution” against the court officials and other threats including rape, incest, murder and school shootings.
Illinois man ordered detained in threats against federal judge in St. Lucie County
According to allegations in the six-count indictment, Eric James Rennert transmitted threats on May 25, May 28 and July 24 of injuring and kidnapping a U.S. judge and the family of the federal judge, with the "intent to impede, intimidate, and interfere with the judge while engaged in the performance of official duties."
Norristown woman accused of threatening judge who sent her to jail in previous threats case
Moments after a Montgomery County judge sent her to jail for threatening district court staff in Plymouth Township, an "agitated" Norristown woman unleashed threats against the judge, according to court documents.
Privacy Laws
State privacy laws aren't protecting personal financial data, CFPB says
New state privacy laws don't do enough to protect personal information used by financial businesses, a federal regulator says. Eighteen states, including California and Texas, passed privacy laws between Jan. 2018 and July 2024, but all the laws have exemptions for financial companies or data tied to federal legislation, the Consumer Financial Protection Bureau said Tuesday in a report.
What a new Trump mandate could mean for American data privacy rights
Former President Donald Trump will return to the White House for a second term with issues such as Ukraine, the Middle East and immigration highest on his agenda – but what will the US President elect's new mandate mean for data protection and online privacy for the American people?
Navigating California’s Evolving Privacy Landscape: Key Updates from the November 8th CPPA Board Meeting on Rulemaking and What It Means for You
On Friday, the California Privacy Protection Agency’s Board convened to tackle some critical privacy issues, including the creation of a new state-managed platform where consumers can submit opt-out requests to data brokers. In a surprising turn of events, the Executive Director, Ashkan Sultani, announced his resignation, though the reasons behind his departure were not clear from what was shared during the meeting. The Board also covered a series of major rulemaking initiatives focused on automated decision-making technologies and data brokers.
Are You Ready for Eight More Privacy Laws in 2025?
In 2025, eight additional states' comprehensive privacy laws will come into effect, further increasing the complexity of compliance. By the end of next year, approximately 150 million Americans—43% of the U.S. population—will be covered by comprehensive state-level privacy regulations.