Christopher Brown reports: Rush System for Health must defend a proposed class action alleging it shared health information of patients using its patient portal with Google Inc. and other third parties, in breach of its contract with patients and in violation of the Illinois Eavesdropping Act. Marguerite Kurowski successfully stated a claim for breach of contract regarding…
Category: Health Data
UK: Ambulance patient records system hauled offline for cyber-attack probe
Lindsay Clark reports: Several UK NHS ambulance organizations have been struggling to record patient data and pass it to other providers following a cyber-attack aimed at health software company Ortivus. In a statement, the Sweden-headquartered software vendor said it was subject to a cyber-attack on July 18 which hit UK customer systems within its hosted datacenter…
Law Firm Hack Affects Victims of an Earlier Breach Again
Marianne Kolbasuk McGee reports: A global law firm is notifying nearly 153,000 individuals of a hacking incident that compromised several client files. The files contained sensitive personal information and affects vision care patients who had been victims of a breach three years ago. Orrick, Herrington & Sutcliffe on July 20 reported the data breach to…
More plastic surgery patients have their nude photos and information leaked
An unknown party or parties who created a leak site with nude photos and medical records of a well-known plastic surgeon’s patients have uploaded more of his patients’ photos and records. In what was their third update to the leak site since June 5, those responsible wrote that they have changed their strategy. Before publishing…
Pointed to a phishing campaign targeting the healthcare sector, Microsoft leaps into action to … not even investigate?!
The relaxing Sunday I was looking forward to did not quite work out as planned. Dutch researcher and all-around good-guy Jelle Ursem (aka @SchizoDuckie) got in touch with me about what appeared to him to be a sketchy site allegedly by a well-known prescription management entity. After a few minutes of checking, there was no…
Two more breaches involving email gaffes: one by a NZ hospital, one by Fortinet
First, we have this “human error” mistake with email to report today. Hamish McNeilly reports: An email containing the names of vulnerable children was mistakenly sent to other parents and guardians, prompting an apology from Te Whatu Ora Southern. Dozens of parents and guardians received the email on Tuesday from the Vera Haywood Centre, a…