Stay Informed with the Latest News in Data Privacy and Learn about Exciting Job Opportunities

01. Cybercriminals Share Millions of Stolen Records During Holiday Break

In the days leading up to Christmas, cybercriminals conducted mass leaks of approximately 50 million records containing sensitive personal information. These leaks, mostly on the Dark Web, were labeled "Free Leaksmas", suggesting a mutual sharing of data among threat actors during the holiday season.

02. State AG Hits Hospital With $300K Fine for Web Tracker Use

NewYork-Presbyterian Hospital (NYP) has been fined $300,000 by New York state regulators for privacy violations related to its use of tracking tools on websites and patient portals. The hospital was found to have violated HIPAA rules by sharing patient information with third parties for marketing purposes.

03. Top Considerations for Complying With My Health My Data Act

Companies dealing with non-HIPAA-regulated health information need to prepare for compliance with Washington state's ‘My Health My Data (MHMD) Act’, effective March 31, 2024, for larger entities and June 30, 2024, for smaller entities. The MHMD Act focuses on regulating the collection, sharing, and selling of consumer health data not covered by HIPAA regulations.

04. Xerox Business Solutions Reveals Security Breach

Xerox Business Solutions (XBS), a subsidiary of Xerox, recently experienced a security incident in late 2023, with the Inc Ransom gang claiming responsibility for a ransomware attack. The Tampa-based company stated on December 30th that the incident was detected and contained, affecting only its US operations. While Xerox's corporate systems remained unaffected, a preliminary investigation suggests that limited personal information in the XBS environment may have been compromised. 

05. Fallon Ambulance Service Data Breach Impacts 911k Individuals

Fallon Ambulance Service, a former subsidiary of Transformative Healthcare serving the greater Boston area, disclosed a data breach affecting over 911,000 individuals.

Security Jobs On The Market

Bitcoin Talent Co. is hiring a Head of Security

Looking for “a Head of Security to take true ownership of security for the entire company by continuously identifying and mitigating risks to the company mission, vision, and brand through proactive security strategy.”

Skills required: 10+ years in IT or a related field, with 5+ years in a senior IT security or network engineering role, understanding of bitcoin’s security model and how cryptography and private keys are used to secure bitcoin, background in software engineering, dev ops, or IT infrastructure, CISSP, CISM, or other equivalent security certification required with CRISC, CISA, CISM preferred, ITIL, Agile and PMBOK certifications, experience at startups or small companies, experience in finance, banking, or accounting.

Learn more here

Atlassian is hiring a Manager of Product Security

Looking for “a Manager of Product Security who plays a key role in driving and managing the security of Atlassian’s products within the United States.”

Skills required: product security leadership, team management, security oversight, collaboration and communication, leadership development.

Learn more here

Wayfair is hiring a Software Engineering Manager, Enterprise Cybersecurity

Looking for “a Software Engineering Manager to lead the work securing the processes and technology used daily by thousands of employees across the US and Europe.”

Skills required: previous experience leading cybersecurity engineer teams, experience working in the PCI DSS Framework, strong knowledge of standards/frameworks (NIST, ISO, CIS Critical Security Controls, etc.), strong knowledge in enterprise cybersecurity domains, cloud security or architecture, implementing best practices security IoT devices and OT networks, and the Beyondcorp/Zero Trust Architecture experience preferred, an enthusiasm and passion for security and technology, a preference and ability to automate repetitive or time intensive tasks, strong communication of cybersecurity risk and ability to build cross-functional partnerships.

Learn more here