HC3: Analyst Note TLP: White Report: 202208241200 Executive Summary Karakurt ransomware group, also known as the Karakurt Team and Karakurt Lair, is a relatively new cybercrime group, with researchers reporting its first emergence in late 2021. Karakurt actors claim to steal data and then threaten to auction it off or release it to the public…
Category: Health Data
NH: Northeast Rehabilitation Hospital Network updates their 2021 breach notification
In November 2021, the Northeast Rehabilitation Hospital Network in New Hampshire notified HHS of a breach. At the time, they indicated 501 patients had been affected, which is usually just a marker for “we know it’s more than 500, but we don’t know how many just yet.” The incident was coded as a hacking/IT incident…
Hive starts dumping patient and employee data from Baton Rouge General Health System
On July 15, DataBreaches reported that Baton Rouge General Medical Center in Louisiana had been the victim of a significant ransomware attack. Our report attributed the attack to Hive although Hive was publicly denying responsibility at the time and claiming DataBreaches had “incorrect info.” Our information was correct. On Tuesday, Hive added the health center…
ASL Città di Torino, the trouble continue after the cyber attack of 19 August
Marco A. De Felice reports: On August 19, a computer attack made it necessary to block all computer systems by the IT technicians of the “ASL Città di Torino”. A ransomware-type attack that has affected and continues to affect the San Giovanni Bosco, Maria Vittoria, Martini and Oftalmico hospitals. The cyber attack was discovered by…
OCR Settles Case Involving Decade-Long Improper Disposal of Protected Health Information
There is an enforcement update to an incident noted on this site in 2018. The incident that involved New England Dermatology P.C., d/b/a New England Dermatology and Laser Center (“NDELC”) was summarized by HHS in their resolution agreement and corrective action plan for this case: On May 11, 2021, NEDLC filed a breach notification report…
Transparency #FAIL: Why won’t Anthem/Elevance Health answer a simple question about breaches?
A DataBreaches opinion piece. You might think a giant insurer like Anthem, which has experienced at least several breaches over the years — including one of the most significant breaches ever — would understand the importance of transparency by now. Apparently not. On May 24, Anthem (now known as Elevance Health) posted a notice on…