DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

In November, I gave thanks for fewer breach reports

Posted on December 21, 2017 by Dissent

Protenus has released its monthly Breach Barometer, and the statistics for November were something to be thankful for – even if they turn out to be just a brief  break from the crush of breach reports we’ve seen every month.

As Protenus reports, there were 28 incidents first disclosed during November. We were able to determine the number of records breached for 25 of those incidents. The total number of breached records for the month was 83,925, which is the lowest monthly total we’ve seen for all of 2016 and 2017.

There were  more Insider incidents than Hacking incidents disclosed in November, but hacking would have accounted for more breached records than Insider incidents if we had numbers for all of the hacking incidents. As a reminder, our “Insider” incidents includes both human error incidents as well as intentional wrongdoing by rogue employees.

The following are the breach incidents that were included in Protenus’s November analyses. As always, there may be breaches that were reported during the month on HHS’s breach tool that are NOT included in our analyses because we had reported them previously. Other breaches appear on our list but not on HHS’s breach tool because our list includes incidents involving entities that are not necessarily covered by HIPAA.

As can be seen below, in some cases we were unable to get additional information on an incident, despite sending inquiries or attempting to research an incident.  Even when an entity may code an incident as “Hacking/IT Incident” in their submission to HHS, it may be coded as “Unknown” in our system if we were unable to obtain details that support coding it as a hacking incident instead of an Insider-Wrongdoing incident, etc. Links in the list below are to coverage or details on the incident:

  1. Aetna Inc. – 1,600 – Unknown
  2. Alere Toxicology – 2,146 – Unknown
  3. Baptist Health Louisville – 800 – Hacking
  4. Center for Health Services – 501 – Theft
  5. Clinical Pathology Laboratories Southeast  – 500 – Theft
  6. Cook County Health & Hospitals System – 727 –  Insider-Error at Experian Health
  7. Department of Social and Health Services’ Behavioral Health Administration/ Western State Hospital – 515 – Insider-Error
  8. East Central Kansas Area Agency on Aging – 8,750 – ransomware
  9. Family & Cosmetic Dentistry of the Rockies – 1,850 – Insider-Error
  10. Florida Blue  – 939 – reported breach at Real-Time Health Quotes
  11. Hackensack Sleep and Pulmonary Center – 16,474 – Hack
  12. Humana – 5,674 – Insider-Error by Real-Time Health Quotes
  13. IU Health Ball Memorial Hospital  – 1,399 –  Lost (and Found)
  14. Little River Healthcare – Central Texas, LLC d/b/a Little River Waco Ear Nose and Throat  – ? – Ransomware
  15. Lowell General Hospital – 769 – Insider-Wrongdoing
  16. Medical College of Wisconsin – 9,500 – hacking
  17. North Carolina Department of Health and Human Services – 6,000 – Insider-Error
  18. Pulmonary Specialists of Louisville, PSC – ? – Hack
  19. Rocky Mountain Health Care Services – 909 – Theft
  20. Roger Williams Medical Center – 60 – Theft
  21. Shop-Rite Supermarkets, Incorporated – 12,172 – Insider-Error
  22. Stanford University – 200 – Insider-Error
  23. Sutter Valley Medical Foundation d/b/a Sutter Medical Foundation – 1,303 – Theft
  24. Union Labor Life Insurance Company – 665 – Unknown
  25. UAB Viral Hepatitis Clinic – 652 – Loss
  26. UPMC Susquehanna -1200- Hacking
  27. Valley Family Medicine – 8,450 – Insider-Wrongdoing
  28. Wilbraham, Lawler & Buba, P.C. – ? – ransomware

As the year draws to a close, I have started compiling statistics for December and for Protenus’s annual report on breaches involving health data.  If you’re not on their free subscription list already, you may wish to sign up so you will be notified when the reports or webinars are available.

Related posts:

  • Health Data Breaches in 2017: The Year in Review
  • 100 more breaches you probably never knew about in 2009
  • 2016: Healthcare data breaches in review, Part 2
  • 95 new breaches in 2010 that didn’t make the news
Category: Breach IncidentsCommentaries and AnalysesHealth DataOf NoteU.S.

Post navigation

← Lime Crime settles lawsuit over 2015 data breach
UK: Two ex-police officers to be investigated over alleged data breaches during Damian Green probe →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.