.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
Dean Levitt
Paubox Weekly: Oregon Health Plan is the newest victim of the MOVEit ransomware attack
Dean Levitt : August 4, 2023
Hello world,
Hello world,
Today’s Paubox Weekly is 469 words - a 2 minute read.
1. Hospitals and government agencies hit in global cyberattack exploiting MOVEit vulnerabilities
Several US federal government agencies have been hit in a global cyberattack that exploits vulnerabilities in MOVEit Transfer and MOVEit Cloud systems.
Why it matters: MOVEit, a managed file transfer product is widely used for HIPAA compliant transfers. These vulnerabilities could compromise the security of data transfers and expose hospitals and healthcare organizations to potential breaches.
What's next: The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that it is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications.
Go deeper:
Did you know?
You can earn $250 for every organization you send our way. Here's how.
2. Data breach results in several class action lawsuits against Harvard Pilgrim Health Care
Hackers accessed more than 2.5 million individuals' protected health information in April. Now, Harvard Pilgrim Health Care faces class action lawsuits.
What happened: At least 4 civil suits have been filed and allege that a lack of proper cybersecurity measures caused the incident.
Was Harvard Pilgrim Health Care negligent?
3. Picking up litter in Minneapolis (Paubox Community Service)
Before our quarterly planning meeting in Minneapolis, we picked up trash around the Arthur Ventures building on 8th Street.
The bottom line: There wasn't much litter to pick up in downtown Minneapolis.
4. Supreme Court makes new decision on aggravated identity theft law
Last week, the Supreme Court ruled to narrow the reach of identity theft law, rejecting an interpretation of the law that would add 2 years in prison for certain felonies.
What happened: The issue was brought before the court because of a man who was convicted of overbilling Medicaid for psychological services never provided to patients.
Resolving the law's unintended consequences
5. What is HIPAA's safe harbor provision?
The HIPAA safe harbor provision is designed to lessen financial penalties and shorten compliance inspections for covered entities.
Why it matters: The provision exempts covered entities from financial penalties and corrective action plans if they can prove that they implemented recognized security practices for at least one year.
Allows the HHS to exercise discretion
Community links
- Notice of Proposed Rulemaking around reproductive health. Link
- HIPAA and the FDA: Regulating privacy in medical health apps. Link
- How does legislation affect mobile health apps? Link
- HIPAA compliant email marketing for dentists. Link
- Does healthcare email marketing need to be HIPAA compliant? Link
Good reads from around the web
- Synthetic human embryos created in groundbreaking advance. Link
- Google says its Lens image search can now help identify skin conditions. Link
- Asynchronous Care: Advancing Equitable Access to Healthcare. Link
- One in three say books offer best form of escapism when having a bad day. Link
- [PODCAST] Mitigating AI biases in healthcare. Link
GCBHS settles ransomware data breach lawsuit for $850K
Farah Amod : November 5, 2025
A 2023 ransomware attack exposed sensitive health and personal data of over 60,000 people; legal settlement now moves forward.
Google moves quantum-resistant encryption shift to 2029
Google moved its migration to quantum-resistant encryption across products, targeting completion by 2029 amid faster-than-expected quantum computing ...