HCF Management manages a variety of healthcare facilities in Ohio and Pennsylvania, including assisted living, rehabilitation services, long-term care, and hospice services. They are a for-profit organization. On October 29, 2024, RansomHub added HCF Inc. to its leak site with a claim that they had exfiltrated 250 GB of files. Their listing did not specifically…
The individual known as “0mid16B” has been busy, it seems. They contacted DataBreaches on Wednesday to announce that they had hacked MedSave Health Insurance TPA Ltd (“MedSave”). MedSave is a third party administrator in India that partners with more than 10 insurance companies, processing and settling claims submitted by hospitals or insured members. MedSave lists…
Settlement with Northeast Surgical Group marks OCR’s 10th ransomware enforcement action and 4th enforcement action in OCR’s Risk Analysis Initiative. Today the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Northeast Surgical Group, P.C. (NESG), a provider of surgical services in Michigan, for a potential violation…
In 2019, DataBreaches reported that Solara Medical Supplies in California was notifying more than 110,000 patients after an attacker gained access to some employees’ email accounts via phishing. Solara was subsequently sued and settled claims for $9.76 million. Now today, HHS OCR announced a settlement with Solara: Today the U.S. Department of Health and Human…
This article by Alexander Castro originally appeared in Rhode Island Current on January 10, 2025 and is republished here under Creative Commons License. It was updated to replace several paragraphs in the “Slow Leak” section to include a response Deloitte sent the author post-publication. Rhode Island’s online public benefits system appears to be a fortress…
On March 25, DataBreaches entered Teton Orthopaedics’ name on a monthly worksheet this site uses for tracking breaches in the healthcare sector. The entry wasn’t based on any report by Teton Orthopaedics or media, and DataBreaches had been unable to find any notice by the provider. The entry was based on a claim by the…