A notice posted to their site: Central Health is announcing today that a former employee has inappropriately accessed the health records of approximately 240 individuals. “Central Health would like to apologize to each person who has had their privacy breached”, said Andree Robichaud, President and CEO of Central Health. “We take confidentiality and privacy very…
Month: July 2020
More pharmacy chains report HIPAA breaches linked to looting during protests
First it was Walmart disclosing that their pharmacies in stores in California and Chicago had suffered damage and theft by looters of medications ready for pickup with patient information on labels. Then it was CVS, who notified HHS that more than 21,000 patients’ information may have been compromised by looters who stole or accessed prescriptions…
Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev
Catalin Cimpanu reports: Waydev, an analytics platform used by software companies, has disclosed a security breach earlier this month. The company says that hackers broke into its platform and stole GitHub and GitLab OAuth tokens from its internal database. Read more on ZDNet.
CISA says 62,000 QNAP NAS devices have been infected with the QSnatch malware
Catalin Cimpanu reports: Cyber-security agencies from the UK and the US have published today a joint security alert about QSnatch, a strain of malware that has been infecting network-attached storage (NAS) devices from Taiwanese device maker QNAP. Read more on ZDNet.
CORRECTION
A few weeks ago, this site published a post about a hack of DataViper.io. In that post, I erroreously reported that Vinny Troia had admitted to selling and trading stolen data, which he justified as part of his undercover work. Later in the post, I also prefaced a statement with “Given that…” Those statements were…
Lifespan Pays $1,040,000 to OCR to Settle Unencrypted Stolen Laptop Breach
In April, 2017, Lifespan issued a statement disclosing a stolen laptop incident involving unencrypted protected health information. In at least two places in their statement they claim that they are committed to protecting the security and confidentiality of patient data. Today, OCR announced a settlement with Lifespan in which Lifespan is to pay more than…