Connecticut Will Add More Privacy Requirements

SHRM: In May 2022, Connecticut’s governor signed legislation passing comprehensive consumer privacy law. While it doesn’t go into effect until July 1, 2023, businesses need to consider how to comply with the new law and put safeguards in place. 

More: HK Law | Reuters

Twilio hacked by phishing campaign targeting internet companies

Tech Crunch:  

Another week, another set of employees getting duped. Communications giant, Twilio, confirmed hackers gained access to customer data by tricking employees into providing their login credentials. The hackers didn’t use email but instead SMS phishing messages claiming to be Twilio’s IT department. The company revoked access to the compromised employee accounts and has increased its security training. 

More: The Verge | Wired |

CA Health System Reaches $340K Settlement Over Healthcare Data Breach

Health IT Security: Another healthcare provider is settling a class-action lawsuit due to a data breach. Salinas Valley Memorial Healthcare System in California has reached a settlement with over 2,000 patients for $340,000. While social security numbers of bank accounts were not stolen, other sensitive patient information was accessed. The lawsuit should serve as another warning to healthcare systems to review their compliance controls and tighten up their security measures. 

More: SC Magazine | SVMH | @secalertsasia