DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

More breach news from the U.S. healthcare sector

Posted on May 11, 2023October 24, 2024 by Dissent

A small roundup of incidents from the past 24 hours, including some dark web disclosures

Uintah Basin Healthcare notifies patients of data breach discovered in November

Uintah Basin Healthcare (“UBH”) in Utah became aware of unusual activity in their network on November 7, 2022. They are first notifying patients who received care at UBH between March 2012 and November 2022 and whose information may have been accessed or acquired. 

The following personal and protected health information varied between individuals but may have been involved in the incident: name, date of birth, address, Social Security number, health insurance information, and certain clinical details including diagnosis/conditions, medications, test results, and procedure information.

Their full press notification can be found on their website.

Oyate Health Center notifies pharmacy patients of accidental disclosure

On March 8, Oyate Health Center in South Dakota discovered that some office supplies they had donated the previous day to a local non-profit contained a report of patients who used the center’s pharmacy during August 31, 2021 – September 8, 2021. The recipient realized the error and contacted them promptly. Information in the report included patients’ name, chart number, date of the pharmacy visit, and a diagnosis code related to the prescription the patient was refilling.

ASAS Health notifies 25,527 about cybersecurity incident

ASAS Health has notified 25,527 people of a cybersecurity incident on January 26, 2023. According to a copy of the notification provided by their external counsel to the Maine Attorney General’s Office, the Texas-based medical group has been unable to definitively determine whether and what information was actually accessed or subsequently compromised, but the types of information potentially include:

Name • Date of birth • Address • Phone number • Email address • Driver’s license number • SSN • Diagnosis • Disability Code • Medicare ID number • Health Plan Carrier Information • Financial information

BianLian Reveals Identity of More Victims, Still Masks Others

BianLian has been proving itself to be a serious threat to the healthcare sector in terms of the number of its attacks. This week, BianLian named Synergy Hematology Oncology Medical Associates in California on their leak site, claiming to have almost 200 GB of data from them. This medical group doesn’t seem to have a website and DataBreaches has not seen any press releases or anything by them about any breach.

BianLian also named Mercy Home in New York on their leak site and claims to have 553 GB of their data. There is no notice on mercyhomeny.org‘s website about any incident.

Although BianLian claims to have leaked the data from both of the above entities, neither download was working as of this morning.

BianLian has also named other medical entities from other countries. They have not yet named all of the U.S. medical entities on their site, including Murfreesboro Medical Clinic in Tennessee or the one DataBreaches suspects is North Shore Medical Labs. BianLian claims to have 60 GB of data from them. DataBreaches has emailed NSML to ask whether they were attacked because there is no notice on their site even though BianLian added the obfuscated listing on April 18. No reply was immediately available.

BianLian also hasn’t publicly named Earlens Corporation, although one of the listings appears to relate to that firm. They claim to have 2 TB of data from that victim.

AlphV (BlackCat) Starts Leaking Essen Medical Associates

AlphV appears to have started leaking data from Essen Medical Associates on its leak site. Originally added to the site on April 6, the bad actors posted an update this week that says, ‘We gave you time and went to a meeting. Our patience has run out.” They claim to have 2.6 TB of data.

Sadly, as soon as we hit “send” on this post, we’ll probably find yet more breaches in the healthcare sector.

 

Category: Breach IncidentsExposureHackHealth DataMalwarePaperU.S.

Post navigation

← NC: Gaston College still investigating February cyberattack; personal information stolen still being determined
Ransomware Encryption Rates Reach New Heights →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • FTC Finalizes Order with GoDaddy over Data Security Failures
  • Hacker steals $223 million in Cetus Protocol cryptocurrency heist
  • Operation ENDGAME strikes again: the ransomware kill chain broken at its source
  • Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
  • Mysterious hacking group Careto was run by the Spanish government, sources say
  • 16 Defendants Federally Charged in Connection with DanaBot Malware Scheme That Infected Computers Worldwide
  • Russian national and leader of Qakbot malware conspiracy indicted in long-running global ransomware scheme
  • Texas Doctor Who Falsely Diagnosed Patients as Part of Insurance Fraud Scheme Sentenced to 10 Years’ Imprisonment
  • VanHelsing ransomware builder leaked on hacking forum
  • Hack of Opexus Was at Root of Massive Federal Data Breach

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm
  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • GDPR is cracking: Brussels rewrites its prized privacy law
  • Telegram Gave Authorities Data on More than 20,000 Users
  • Police secretly monitored New Orleans with facial recognition cameras
  • Cocospy stalkerware apps go offline after data breach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.