Jessica Bartlett reports: A crippling cyber attack at the state’s second-largest insurer not only interrupted operations for months but also pummeled the insurer’s financials. For the six months ending in June, Point32Health reported a $102.7 million operating loss on $4.8 billion in revenue. Those results compare to a $25.8 million operating loss on $4.9 billion…
Category: Health Data
Two more attacks involving sensitive data: a plastic surgery center in Brazil and a psychiatric hospital in Lithuania
Although it’s impossible for DataBreaches to really monitor for attacks on medical entities around the world, here are two non-U.S. ones recently spotted that both involve sensitive data. Plastic Surgery Practice in Brazil This week, DataBreaches spotted a listing for data from a Brazilian plastic surgery practice. The seller, who calls himself “TheSnake,” claims to…
Health Data and Investigations: Between a Rock and a Hard Place
Matt Fisher writes: Demands for medical records can stem from a variety of investigations, which can involve a myriad of sources. The most recent example driving headlines is an investigation involving Vanderbilt University Medical Center (“VUMC”). VUMC disclosed records concerning treatment of transgender patients to the Tennessee Attorney General. According to the Attorney General, an investigation of…
IL: Morris Hospital discloses breach that Royal claimed responsibility for in May; notifies 248,943
Morris Hospital & Healthcare Centers (Morris Hospital) has issued a notification concerning a cybersecurity incident they discovered on April 4. The incident affects current and former patients of Morris Hospital and current and former employees and their dependents or beneficiaries. According to their explanation, their forensic investigation determined that “just prior to the incident,” data…
Insider-Wrongdoing in the Healthcare Sector
Michelle Del Guercio writes: On June 8, the Health Sector Cybersecurity Coordination Center (“HC3”) published Types of Cyber Threat Actors That Threaten Healthcare. In that publication, they identify five basic types of insider threats: careless or negligent workers malicious insiders inside agents disgruntled employees third parties In 2016, when Protenus and DataBreaches first began collaborating on…
Jefferson Health warns Cherry Hill hospital patients of potential data breach
John Paul Titlow reports: Some patients at Jefferson Cherry Hill Hospital are being advised to keep an eye on their credit reports due to a potential data breach. The hospital started notifying select patients this week that their private data may have been compromised after a backup hard drive went missing from a DEXA scan…