UPDATED May 17, 2022: This incident was reported to the Maine Attorney General’s Office as affecting 98,746 patients. The “501” marker submitted to HHS on February 11, 2022 has not yet been updated on HHS’s website. Another disclosure heading into the weekend, but credit to them for getting a notification within one month of discovery. …
Author: Dissent
FL: Comprehensive Health Services discloses breach first detected this past September
Update: This incident was subsequently reported to the Maine Attorney General’s Office on February 15 as impacting a total of 94,449 people. Original post: In January, DataBreaches.net noted a report to the Massachusetts Attorney General’s Office that involved Comprehensive Health Services (CHS), a business associate providing occupational health services to clients’ employees. The breach was…
Croatian phone carrier A1 Hrvatska discloses data breach
Perlugi Paganini reports: Croatian phone carrier A1 Hrvatska has disclosed a data breach that has impacted 10% of its customers, roughly 200,000 people. Threat actors had access to sensitive personal information of the customers, including names, personal identification numbers, physical addresses, and telephone numbers. Threat actors did not access online accounts and financial information was…
Indicators of Compromise Associated with BlackByte Ransomware
From a newly released Joint Cybersecurity Advisory: SUMMARY This joint Cybersecurity Advisory was developed by the Federal Bureau of Investigation (FBI) and the U.S. Secret Service (USSS) to provide information on BlackByte ransomware. As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure…
Ca: Fine, Probation Issued for Illegal Access to Health Information
A former Alberta Health Services (AHS) employee pleaded guilty on Monday, Feb. 7 to accessing health information in contravention of the Health Information Act (HIA). Marie Mushinski accessed the health information of 189 individuals 985 times over a two-year period. None of the 189 individuals were patients in the AHS unit where she worked as a clerk….
Deloitte’s $5M Data Security Deal OK Is Sought by Plaintiffs
Jake Holland reports: A $4.95 million settlement with Deloitte Consulting LLP to resolve claims it created websites with poor security should receive final approval, the plaintiffs are arguing in New York federal court. The deal is fair and provides meaningful relief to affected class members, the plaintiffs argued in a supplemental brief filed Thursday in the U.S….