Data breaches or leaks involving health or medical data.
While many ransomware groups claim there’s nothing personal in what they are doing and that it’s “just business,” there are some lines even criminals should never cross. Interfering with patient care when lives might be on the line if care is delayed or disrupted is one such line. Attempting to harass, threaten, or extort seriously […]
The Record reports: A ransomware attack in May exposed 2.5 million patients of hospitals connected to healthcare giant Norton Healthcare. In notices submitted to regulators in Maine and California last week, the company said it discovered the attack on May 9 and later confirmed that it was dealing with a ransomware incident. After an investigation, the company said the […]
The HIPAA Journal reports: In late September 2023, Indiana Attorney General Todd Rokita filed a lawsuit against CarePointe ENT over a ransomware attack and data breach that affected 48,742 individuals. A settlement has been reached that will see CarePointe pay $125,000 to resolve alleged violations of the Health Insurance Portability and Accountability (HIPAA) Act and […]
CBIZ KA is a third-party vendor for Prime Healthcare that was affected by the MOVEit breach. They have issued the following notice: CBIZ KA, a third-party vendor for Prime Healthcare (Prime), discovered a security incident involving CBIZ’s use of MOVEit Transfer software, which has recently reported a security vulnerability. Prime takes the responsibility of safeguarding […]
TechCrunch reports: housands of exposed servers are spilling the medical records and personal health information of millions of patients due to security weaknesses in a decades-old industry standard designed for storing and sharing medical images, researchers have warned. This standard, known as Digital Imaging and Communications in Medicine, or DICOM for short, is the internationally recognized […]
On December 6, Fresenius Medical Care AG filed Form 6-K with the Securities and Exchange Commission. The filing disclosed a data breach: On September 29, 2023, Cardiovascular Consultants, Ltd. (CVC), a subsidiary of Fresenius Medical Care AG (the Company) located in the United States (U.S.), became aware that some of its computer systems in the U.S. were […]
CTV reports: A group of southwestern Ontario hospitals is facing a potential $480-million class action lawsuit after at least 270,000 patients in the region had their data breached and reportedly sold by hackers on the dark web. The breach, first detected on Oct. 23, targeted Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace […]
Ardent Health Services owns and operates 30 hospitals and health systems with 200+ sites of care with more than 1,400 aligned providers in six states. Earlier today, they posted a security incident notice on their site: Ardent Health Services and its affiliated entities (“Ardent”) became aware of an information technology cybersecurity incident on the morning of […]
CNN reports: A network of hospitals in East Texas has not been able to accept ambulances to emergency rooms since Thanksgiving Day because of a “potential [cyber]security incident,” a hospital spokesperson told CNN on Friday. The hospital network, UT Health East Texas, is operating using “established downtime procedures” as the hospital investigates “a potential security incident” and works to bring computers back online, spokesperson Allison Pollan said in an email. Pollan did not respond to subsequent […]
YourErie.com reports: Read more at YourErie.com. Although not mentioned in their report, this incident was reported to the U.S. Department of Health and Human Services on November 9 as affecting 168,921 patients. Also not mentioned on WGH’s website is that the threat actors are known and they are leaking the employee and patient data on […]
