CBS reports: A disruption last month in the Maryland Department of Health’s reporting of COVID-19 data was in fact a ransomware attack, the state’s Chief Information Security Officer Chip Stewart said Wednesday. Read more at CBS Baltimore.
Category: Health Data
Canadian privacy breach: Names of unvaccinated DDSB staff accidentally shared
Jillian Follert reports: A recent privacy breach at the Durham District School Board (DDSB) resulted in the names of staff who are not vaccinated for COVID-19, or have not disclosed their status, inadvertently being shared with about 400 people. The breach happened when the board sent out a “routine” email about rapid testing. Attached to…
Th: Huge patient data leak from Siriraj Hospital
Suchit Leesa-Nguansuk reports: About 39 million purported patient records from Siriraj Hospital have been offered for sale on an internet database-sharing forum in what appears to be the latest hack of the country’s public health sector. Authorities are investigating the post, which was on raidforums.com. […] The data is not only from Siriraj Hospital but…
Maryland health workers, lawmakers want answers as problems persist a month after cyberattack
Steve Thompson reports: State health workers still often can’t use computers, access shared drives and get to important data a month after a cyberattack crippled Maryland’s health department, the head of a union representing agency employees said Friday. They’ve received little information about what’s going on and are preparing for the possibility that their systems could remain…
Grass Valley discloses 2021 data breach
Yesterday, Grass Valley in California announced they had suffered a breach last year. Their disclosure does not say when they first detected any breach, but reports that their investigation determined that unauthorized access had occurred between April 13, 2021 and July 1, 2021. After further investigation, Grass Valley discovered that the unauthorized person transferred files…
Compton and Broomhead Dental Center alleged victim of cyberattack
It’s one thing to ignore ransom demands from threat actors, but how smart — or foolish — is it to be sarcastic or insulting to those who have exfiltrated files with your patients’ protected health information? DataBreaches.net was recently contacted by threat actors who were previously associated with other groups. They claimed to have attacked…