In June 2021, DataBreaches reported that Vikas Singla had been indicted on charges relating to a 2018 cyberattack on Gwinnett Medical Center. At the time of the alleged attack, Singla was the chief operating officer of a metro-Atlanta network security company. He was charged with 18 counts of violating the Computer Fraud and Abuse Act…
Category: Health Data
Update: One week later, All India Institute of Medical Sciences (AIIMS) services still on manual system
Servers of the All India Institute of Medical Sciences (AIIMS) are still down as AIIMS works to recover from a ransomware attack. According to some sources, the attackers, who have not been named, had reportedly demanded about Rs 200 crore in cryptocurrency, but Delhi Police deny that AIIMS has reported receiving any such demand. Thirty…
Reminder that small-n medical privacy breaches can cause harm
Over on PogoWasRight.org this morning, I linked to a post by Eric Goldman involving litigation over a medical privacy breach. One plaintiff claimed to have suffered significant harm in her life due to a hospital employee mailing her information to an unrelated third party who then posted it online. I mention that case because although…
No Need to Hack When It’s Leaking, Friday Global Edition
For today’s episode of “No Need to Hack When It’s Leaking,” DataBreaches brings you three leaks involving patient/medical information: one from the U.S., one from India, and one from Australia. Tridas Center Jeremiah Fowler and the Website Planet research team discovered an unsecured database containing more than 16,000 records with personally identifiable information about pediatric…
Ca: Riverside Health Care reports privacy breach was due to inappropriate access of EMR by a staff member
Press Release: Riverside Health Care recently concluded an investigation into a privacy breach that was the result of a staff member inappropriately accessing patient electronic medical records. The inappropriately accessed personal health information was not disclosed or otherwise used by the staff member. Steps were immediately taken to prevent further inappropriate access to personal health…
FL: South Walton Fire District notifies patients of breach
On May 30, South Walton Fire District learned of unauthorized access to their network. Investigation revealed that patients’ potentially affected information included: names, addresses, Social Security numbers, dates of birth, treatment dates, medical diagnostic and treatment information, and health insurance information for patients transported by or treated by SWFD. Local media reports those potentially at risk…