Data breaches or leaks involving health or medical data.
The HIPAA Journal reports: In late September 2023, Indiana Attorney General Todd Rokita filed a lawsuit against CarePointe ENT over a ransomware attack and data breach that affected 48,742 individuals. A settlement has been reached that will see CarePointe pay $125,000 to resolve alleged violations of the Health Insurance Portability and Accountability (HIPAA) Act and […]
CBIZ KA is a third-party vendor for Prime Healthcare that was affected by the MOVEit breach. They have issued the following notice: CBIZ KA, a third-party vendor for Prime Healthcare (Prime), discovered a security incident involving CBIZ’s use of MOVEit Transfer software, which has recently reported a security vulnerability. Prime takes the responsibility of safeguarding […]
TechCrunch reports: housands of exposed servers are spilling the medical records and personal health information of millions of patients due to security weaknesses in a decades-old industry standard designed for storing and sharing medical images, researchers have warned. This standard, known as Digital Imaging and Communications in Medicine, or DICOM for short, is the internationally recognized […]
On December 6, Fresenius Medical Care AG filed Form 6-K with the Securities and Exchange Commission. The filing disclosed a data breach: On September 29, 2023, Cardiovascular Consultants, Ltd. (CVC), a subsidiary of Fresenius Medical Care AG (the Company) located in the United States (U.S.), became aware that some of its computer systems in the U.S. were […]
CTV reports: A group of southwestern Ontario hospitals is facing a potential $480-million class action lawsuit after at least 270,000 patients in the region had their data breached and reportedly sold by hackers on the dark web. The breach, first detected on Oct. 23, targeted Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace […]
Ardent Health Services owns and operates 30 hospitals and health systems with 200+ sites of care with more than 1,400 aligned providers in six states. Earlier today, they posted a security incident notice on their site: Ardent Health Services and its affiliated entities (“Ardent”) became aware of an information technology cybersecurity incident on the morning of […]
CNN reports: A network of hospitals in East Texas has not been able to accept ambulances to emergency rooms since Thanksgiving Day because of a “potential [cyber]security incident,” a hospital spokesperson told CNN on Friday. The hospital network, UT Health East Texas, is operating using “established downtime procedures” as the hospital investigates “a potential security incident” and works to bring computers back online, spokesperson Allison Pollan said in an email. Pollan did not respond to subsequent […]
YourErie.com reports: Read more at YourErie.com. Although not mentioned in their report, this incident was reported to the U.S. Department of Health and Human Services on November 9 as affecting 168,921 patients. Also not mentioned on WGH’s website is that the threat actors are known and they are leaking the employee and patient data on […]
SiliconAngle reports: Hackers have stolen the personal data of more than 8.4 million patients from Welltok Inc., a Denver-based company that provides software for healthcare organizations. Welltok first disclosed the breach in October without sharing the full details of the incident. On Wednesday, it revealed that the hackers had stolen information belonging to some 8,493,379 […]
Bleeping Computer reports: The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center (GMC), in June 2021 to boost his company’s business. Vikas Singla, who worked for Securolytics, a network security company that provided services to the healthcare industry, pleaded guilty to hacking […]
