Someone on Twitter asked me what the first breach of 2022 would be. The following public notice is not the first breach of 2022. It is a 2021 breach that just showed up after midnight in my news search this morning. And because it involves a third-party breach, we may see other covered entities affected,…
Category: Health Data
VPN Solutions LLC suffered a ransomware attack two months ago. Some clients still can’t access patient data hosted on the service.
It appears that a ransomware incident involving VPN Solutions LLC may have affected a number of covered entities, although so far, DataBreaches.net has only identified two confirmed cases: Surgery Group SC On December 17, Surgery Group SC in Illinois notified HHS about an incident impacting 500 patients. DataBreaches.net interprets that 500 number as a marker…
HIPAA Enforcement by State Attorneys General
HIPAAJournal has a nice piece on HIPAA enforcement action over the years by state attorneys general. You can access it here.
NZ: Privacy breach at Hutt Hospital as clinician leaves patient info on street
Missed this one from Matthew Tso on December 20, so let’s get caught up: A privacy breach involving the personal details of 36 Hutt Hospital patients occurred after four pages of information were dropped in the street. The incident occurred in November, with a letter from the Hutt Valley District Health Board to affected patients…
Computer containing vaccine data stolen in Brussels
The Brussels Times reports: Various computers, including one containing data on vaccinated persons, were stolen on the night of Monday to Tuesday from the Pacheco vaccination centre in Brussels, the Commission communautaire commune (Cocom -Joint Community Commission) said in a press release on Friday. “Cocom quickly took measures, in collaboration with the police, its information…
Duneland School Corporation notifying employees and dependents of data breach
“Duneland School Corporation” sounds like it should be an education-related business but it’s actually a school district in Indiana. On October 27, they discovered that they had experienced a security incident that sounds like a ransomware attack. In a statement on their website, they note: Through our investigation, we determined that an unauthorized person obtained…