This is the stuff nightmares are made of. Hayley Dixon, Aisha Majid, and Steven Swinford report: A British surgeon who helped carry out operations in Aleppo fears that the hacking of his computer led to a hospital being bombed by suspected Russian warplanes. In a world first, renowned consultant David Nott gave remote instructions via…
Month: March 2018
Hospitals Are Throwing Sensitive Patient Information Out With the Recycling
Kristen V. Brown reports: …. Researchers conducted a “recycling audit” of five hospitals in Toronto between November 2014 and May 2016 and found that frequently hospitals improperly threw out sensitive patient information. All the hospitals had policies designed to get rid of confidential patient health information without potentially exposing it, along with shredders to get the…
CareMeridian notifies patients after disk goes missing in the mail
The following press release is basically identical to one provided yesterday by Georgia MENTOR. Neither Georgia MENTOR nor CareMeridian name the software provider who mailed them a disk with unencrypted documents that appears to have been lost in the mail. CareMeridian, LLC is notifying individuals of a data security event that could potentially impact the…
Georgia MENTOR notifies patients after disk with protected health information discovered lost in the mail
From their press release: National Mentor Healthcare, LLC (d/b/a Georgia MENTOR) is notifying individuals of a data security event that could potentially impact the security of certain personal information. Although we are unaware of any actual or attempted misuse of the information, we are providing potentially impacted individuals with information about the event, steps taken…
He tried to tell you you’re leaking data. Even after you stupidly blocked him.
Today’s episode of Incident Response Fail involves a cybersecurity professional/bug bounty hunter, Mohamed Suwaiz, and a driver training company in Texas, Smith System, that seemed to stubbornly resist his efforts to alert them to a data leak. Although Suwaiz (@Msuwaiz on Twitter) describes himself as being motivated by bug bounties, when there’s no bounty to…
OCR investigating Banner Health’s 2016 data breach
Evan Sweeney reports: Already fending off a class-action lawsuit, Banner Health is also the subject of an ongoing federal investigation into a June 2016 cyberattack that exposed patient data. The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) launched an investigation in the aftermath of the attack that exposed data for 3.7…