The Center for Autism and Related Disorders (“CARD”) has locations throughout the U.S. On January 24, it experienced a reportable breach when “as part of a recent update to its patient billing systems, the third-party vendor responsible for generating patient invoices incorrectly made a computer error which resulted in certain caregivers receiving an invoice for…
Category: Health Data
CISA Alert (AA23-040A): #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Summary Note: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to…
Patients involved in Nova Scotia mass shooting among those caught up in major privacy breach
Bill Dicks reports: Nova Scotia Health is under the microscope after eight employees were found snooping into medical records. The privacy breaches involve the electronic health records of people associated with the April 2020 mass shooting in Nova Scotia, among others. The Office of the Information and Privacy Commissioner says the discoveries were made by…
Health cards’ data stolen from one of Pakistan’s biggest hospitals
Haroon Hayder reports: The Pakistan Institute of Medical Sciences (PIMS) in Islamabad has confirmed that the data regarding the Sehat Sahulat Program (health cards) was stolen from the hospital last year. According to reports, the health cards’ data was stolen from the hospital’s Accounts Section. PIMS’ sources have claimed that they have no record of…
Derriford Hospital admits data breach as patient sent list of complaints against hospital
William Telford reports: Health chiefs have admitted a data breach after a patient received a list of people who had made complaints against Plymouth’s Derriford Hospital. Retired horse breeder Jeanette Anderson was stunned when an email from the hospital contained confidential details of complainants including, she said, bereaved families. University Hospitals Plymouth NHS Trust has…
MA: DotHouse Health discloses data breach but has yet to send letters to patients
On or about December 10, AlphV (aka BlackCat) added DotHouse Health.org to their leak site, where they attempt to pressure victims into paying any ransom demands. In this case, the threat actors did not post any proof pack, but they claimed to have infiltrated 800 GB of data from the Massachusetts HIPAA-covered healthcare provider. On…