On September 29, 2021, Schneck Medical Center in Indiana announced that it had been the victim of a cyberattack. But it wasn’t until May, 2022, that the medical center began notifying what they characterized as a “limited number” of patients about the incident. As DataBreaches reported at the time, their notification left important questions unaddressed. …
Category: Health Data
San Diego Family Care Settles Data Breach Class Action for $1 Million
In May of 2021, San Diego Family Care disclosed a data breach that resulted from a ransomware attack on their hosting provider, Netgain Technology. In a class action lawsuit, complainants alleged that SDFC failed to protect patients’ information adequately and that SDFC did not promptly notify patients after learning of the breach. The lawsuit has…
Motion for Preliminary Approval of Accellion Data Breach Settlement Filed in California Federal Court
Kristin L. Bryan of Squire Patton Boggs writes: This week Plaintiffs in thirteen consolidated cases brought against Accellion and other defendants filed a motion for preliminary approval of a class action settlement in California federal court. This development is notable for its resolution (if approved) only as to Accellion and for the categories of relief offered…
Baptist Medical Center and Resolute Health Hospital notifying patients after malware attack snagged patient data
Baptist Medical Center in San Antonio and Resolute Health Hospital in New Braunfels have disclosed a cyberattack involving unspecified malicious code that infected their system. According to statements made by IDX on their behalf, an unauthorized party accessed and exfiltrated data from their network between March 31, 2022 and April 24. The attack was first…
Theft of computers at the Centre Hospitalier Universitaire de Québec: the files of 10,000 employees stolen
Helen Hernandez reports: The personal data of nearly 10,000 employees of the CHU de Québec were stolen during a burglary that occurred on the night of June 5 to 6. The criminals broke into the premises of the CHU de Québec Research Center and seized computer equipment containing employee files. 9,500 former and current workers…
Central Florida Inpatient Medicine notifies 197,733 patients after employee email account compromised last year
Central Florida Inpatient Medicine (CFIM) is notifying 197,733 patients whose protected health information (PHI) was in an employee’s email account that was accessed by an unauthorized individual between August 21, 2021 and September 17, 2021. CFIM does not indicate when they first discovered that there had been a breach or how they first discovered it. …