I hold UC responsible for allowing my information to be exposed in this attack. What is UC is doing now to ensure my information is protected?
UC is reviewing security controls for centralized systems handling sensitive data, and is considering enhancements to its security program and controls. We are also working with local and federal law enforcement and third-party experts to investigate this incident, to determine what happened, what data was impacted, and who that data may belong to.
Source: https://ucnet.universityofcalifornia.edu/data-security/updates-faq/accellion-faq.html#1_6
Note that the response deflects from the issue of UC liability. According to another source, lawsuits are being filed against Accellion and at least in one case by individual victims against a user of Accellion:
...As the number of victims continues to trickle in, the breadth and scope of the Accellion incident bears hallmark to the Blackbaud incident—highlighting the need for entities to review vendor management processes. In the incident's wake, Accellion is facing at least 14 separate lawsuits led by some of the largest victims, including Kroger, Centene, and Washington state, among others.
Patients filed a lawsuit against Kroger for the Accellion hack, as well. Some victims are seeking to merge the lawsuits into one class action suit...
Full story at https://healthitsecurity.com/news/586k-trinity-health-patients-added-to-accellion-tally-as-lawsuits-pile-up
Is UC suing Accellion? Are individuals suing UC in some kind of class action as above?
===
*Prior postings: https://uclafacultyassociation.blogspot.com/2021/04/radio-silence-on-accellion-breach-part-2.html and https://uclafacultyassociation.blogspot.com/2021/04/radio-silence-on-accellion-breach.html.
No comments:
Post a Comment