DataBreaches.net has found two behavioral health entities that reportedly or allegedly experienced recent cyberattacks involving protected health information of patients. The first, Behavioral Health Partners of Metrowest (BHPMW), describes itself as a partnership that brings together leading social services and behavioral health agencies serving the Greater MetroWest region of Massachusetts. Together, they write, Family Continuity,…
Category: Health Data
Christus Health ransomware incident involved theft of sensitive patient and employee data
First, the good news (such as it is): a ransomware attack on Christus Health by Avos Locker has not impacted patient care. Now, the bad news: the threat actors acquired — and have already leaked — a lot of sensitive information on patients and employees. On May 11, Avos Locker added Christus Health to their…
IN: Schneck Medical Center notifying patients about data security incident
Schneck Medical Center announced Friday that it was notifying “a limited number” of patients of a data security incident that resulted in the access and exfiltration of some files containing protected health information (PHI). They do not indicate how many patients are being notified and the incident does not yet appear on HHS’s public breach…
Parker-Hannifin discloses breach affecting employee health plan data
On March 14, Parker-Hannifin discovered unauthorized access to to their IT systems that began three days earlier. Their investigation determined some files on Parker’s IT systems had been accessed and possibly acquired by the attacker. The information involved related to current and former employees, their dependents, and members of Parker’s Group Health Plans (including health…
Refuah Health Center “recently discovered” a breach that was listed on the dark web in June, 2021?
On April 29, 2022, Refuah Health Center in New York issued a statement on their website that begins: The privacy and security of the personal and protected health information we maintain is of the utmost importance to Refuah Health Center. We recently discovered unauthorized access to our network occurred between May 31, 2021 and June…
Za: Over 3.6m records exposed in Dis-Chem cyber attack
Admire Moyo reports: Pharmacy retail giant Dis-Chem has become the latest South African organisation to fall victim to a cyber attack. According to the company, the cyber incident emanating from its third-party service provider resulted in data of over 3.6 million South Africans being compromised. The news comes barely two months after TransUnion’s systems were compromised, leaving millions of…