In 2013, Jelly Bean was contracted to create, host, and maintain the website of a the Florida Health Kids Corporation (FHKC), a federally funded Florida children’s health insurance provider. Jelly Bean agreed to create the website in compliance with HIPAA privacy and security protections, and the federal government funded 86 percent of the payments made from FHKC to Jelly Bean.
“The settlement announced today resolves allegations that from January 1, 2014, through Dec. 14, 2020, contrary to its representations in agreements and invoices, Jelly Bean did not provide secure hosting of applicants’ personal information and instead knowingly failed to properly maintain, patch, and update the software systems underlying HealthyKids.org and its related websites, leaving the site and the data Jelly Bean collected from applicants vulnerable to attack,” the DOJ alleged.
In December 2020, HealthyKids.org suffered a cyberattack resulting in the exposure of more than 500,000 applications containing sensitive data. Jelly Bean was allegedly running the site using multiple outdated and vulnerable applications, including software that had not been patched since November 2013.
“Government contractors responsible for handling personal information must ensure that such information is appropriately protected,” said Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division. “We will use the False Claims Act to hold accountable companies and...
Times of Malta's editorial team has demanded that alleged money-launderer Chris Spiteri remove false claims posted on Facebook against journalist Jacob Borg. An alert has also been filed with the ...