Add NCG Medical to business associates who a ransomware attack has compromised. The medical billing service in Florida was added to the Hive ransomware group’s leak site on August 31, with Hive claiming that they encrypted NCG’s files on August 19. The 12-day gap between encryption and publicly revealing the attack is a relatively short…
Category: Health Data
Police ‘negotiating with hackers’ who hit Paris hospital computer system
Adam Sage reports: An elite French police unit is reportedly negotiating with hackers demanding a seven-figure ransom after paralysing the computer system of a Paris region hospital. Le Parisien newspaper said the Groupe d’Intervention de la Gendarmerie Nationale (GIGN), the French military police unit that specialises in terrorism, hostage-taking and other such crimes, was involved in…
LabMD gets another shot at defamation claim against ‘extortionate’ infosec biz
Jessica Lyons Hardcastle reports: LabMD, the embattled and now defunct cancer-testing company, will get another chance at suing security firm Tiversa for defamation following an appeals court ruling. The testing laboratory has long alleged that: Tiversa illegally obtained a 1,178-page computer file containing confidential data on more than 9,000 LabMD patients back in 2008; lied…
HC3 Threat Profile: Evil Corp
The following is not a paragraph from a story about fictional cybercriminals called Evil Corp. The following paragraph is from a white paper released this week by the U.S. Department of Health & Human Services because there is a criminal enterprise known as Evil Corp that poses a serious threat to the healthcare sector. Typographical…
CorrectHealth notifies employees of breach in 2021; makes changes
CorrectHealth in Georgia is a private provider of healthcare services to incarcerated individuals. In November 2021, they discovered a data breach involving some employees’ email accounts. They did not reveal when the breach occurred, and it seems it took them until July 2022 to investigate and identify the 54,066 individuals they are notifying. Nothing on…
Massive cyberattack leads to class action suit against provider chain Avamere
John Hall reports: Attorneys representing a potentially large group of residents and employees of nursing home behemoth Avamere Holdings announced they have filed a class action suit accusing the long-term care provider of failing to protect its residents and staff from a massive cyberattack. The operator faces the class-action lawsuit over a data breach believed to have affected more…