Stacy L. Cook and Iqra Mushtaq of Barnes & Thornburg LLP write: On March 14, 2023, the U.S. Department of Justice (DOJ) announced the settlement of a case involving alleged violations of the False Claims Act (FCA) as a result of cybersecurity failures and breach of HIPAA-protected health information. Obtained under the Civil Cyber-Fraud Initiative, this settlement emphasizes…
Category: Health Data
Cyber attack downs major Israeli university websites
The Jersualem Post reports: Websites of multiple major universities in Israel were attacked by a group of hackers calling themselves “Anonymous Sudan” on Tuesday. Among the websites unavailable for browsing were the sites of Tel Aviv University, the Hebrew University of Jerusalem, Ben-Gurion University of the Negev, Haifa University, Weizmann Institute of Science, Open University of Israel…
Developing: Stormous claims to have attacked hospital; apologizes minutes later, pledges to undo damage, and seeks forgiveness (Update1: was this a scam?)
Stormous Ransomware added Cameron Memorial Community Hospital in Indiana to their leak site today and posted a pointer to it on their Telegram channel. Then they appeared to regret their actions, posting the following only minutes later: We are writing to express our sincerest apologies for the recent ransomware attack on hospital IT systems. We…
Employee and patient files from Montgomery General Hospital leaked by ransomware group
An email DataBreaches received yesterday from an unrecognized account contained just one line – a link to a new listing on the D#nut Leaks ransomware group’s leak site about Montgomery General Hospital (MGH) in West Virginia. MGH is part of the Montgomery General Health Care System, Inc., which includes the hospital, Montgomery General Elderly Care, Montgomery…
Today’s “Don’t Say ‘Ransomware’ Award” goes to….
DataBreaches probably sounds like a broken record after six years of calls for more transparency in breach notifications. Sadly, the situation has gotten worse in the past year. Not only do entities fail to admit they suffered a ransomware attack, but they fail to inform patients if the patient’s protected health information was leaked or…
“A crucial learning experience.” – ICO calls for highest standards in HIV services after NHS Highland reprimand
From the U.K.’s Information Commissioner’s Office (ICO): NHS Highland reprimanded for a “serious” data breach amongst those accessing HIV services ICO calls for higher standards when protecting data of people living with HIV Service providers could be fined or reprimanded for exposing sensitive data The Information Commissioner’s Office (ICO) has issued a reprimand to NHS Highland for…