UPDATED May 17, 2022: This incident was reported to the Maine Attorney General’s Office as affecting 98,746 patients. The “501” marker submitted to HHS on February 11, 2022 has not yet been updated on HHS’s website. Another disclosure heading into the weekend, but credit to them for getting a notification within one month of discovery. …
Category: Health Data
FL: Comprehensive Health Services discloses breach first detected this past September
Update: This incident was subsequently reported to the Maine Attorney General’s Office on February 15 as impacting a total of 94,449 people. Original post: In January, DataBreaches.net noted a report to the Massachusetts Attorney General’s Office that involved Comprehensive Health Services (CHS), a business associate providing occupational health services to clients’ employees. The breach was…
Ca: Fine, Probation Issued for Illegal Access to Health Information
A former Alberta Health Services (AHS) employee pleaded guilty on Monday, Feb. 7 to accessing health information in contravention of the Health Information Act (HIA). Marie Mushinski accessed the health information of 189 individuals 985 times over a two-year period. None of the 189 individuals were patients in the AHS unit where she worked as a clerk….
Inmediata Data Breach $1.1M Class Action Settlement
In April 2019, Puerto-Rico headquartered Inmediata issued a press release concerning a data leak it had discovered in January of that year. The business associate’s press release explained, in relevant part: In January 2019, Inmediata became aware that some electronic health information was viewable online due to a webpage setting that permitted search engines to index…
Information for over 6,000 Memorial Hermann patients accessed in business associate’s security breach
Briahn Hawkins reports: The Memorial Hermann Health System is notifying patients of a cyberattack that could impact thousands. One of their contracted vendors, Advent Health Partners, announced a cybersecurity issue Tuesday. According to the health system, the protected health information (PHI) for 6,260 patients have been breached. Read more at KHOU. Advent Health Partners also reported the breach to…
Indicators of Compromise Associated with LockBit 2.0 Ransomware and Additional Mitigations
On February 4, the FBI issued a Flash Alert: Indicators of Compromise Associated with LockBit 2.0 Ransomware Today, HHS’s Cybersecurity Program issued its companion HC3 alert. It says, in part: Impact to HPH Sector Although the LockBit 2.0 cybercrime gang claims to not attack healthcare organizations, all ransomware continues to act as a major cyber…