Jay Willett reports: COVID-19 vaccination clinics scheduled on Northeastern University’s Boston campus have been cancelled following the discovery of registrants’ personal information being exposed by Pelmeds, a third-party vaccine provider. In a statement shared with WBZ NewsRadio, Northeastern said that the information was present on Pelmeds’ website. “As soon as the university became aware of…
Category: Health Data
Optometry services provider and specialty pharmacy services both report breaches
As many people left for the weekend or were thinking about holiday shopping, two more HIPAA-covered entities disclosed breaches involving protected health information (PHI): optometry services provider Simon Eye Management and specialty pharmacy services provider BioPlus Specialty Pharmacy Services, LLC. Neither disclosure, described below, reported any malware or ransomware component to their breaches. By the…
Brazilian Ministry of Health suffers cyberattack and COVID-19 vaccination data vanishes
Angelica Mari reports: Websites under Brazil’s Ministry of Health (MoH) have suffered a major ransomware attack that resulted in the unavailability of COVID-19 vaccination data of millions of citizens. Following that attack that took place at around 1 am today, all of MoH’s websites including ConecteSUS, which tracks the trajectory of citizens in the public…
Ie: Hackers accessed HSE system eight weeks before cyber attack
Dyane Connor reports: The cyber attackers who hacked the Health Service Executive’s IT system, had accessed the system eight weeks before it detonated the malicious software, which caused devastating disruption across healthcare services. A report by PricewaterhouseCoopers (PwC) has found there were several “missed opportunities” after a phishing email was opened allowing the attacker access…
Appellate Court Partially Revives Medical Data Breach Class Action
Cheryl Miller reports the latest development on litigation stemming from a 2014 data breach at Sutherland Healthcare Solutions. If that incident doesn’t ring a bell for you, it was covered a number of times on this site back in 2014 and you can find coverage linked from here. A state appellate panel on Monday partially…
Tulane University crime data breach exposes health records, sexual assault victims’ names
Missy Wilkinson Reports: Health records and names of people who visited Tulane University Medical Center’s emergency department, including for attempted suicide. Graphic information about sexual assaults and the identities of the victims, witnesses and suspects. All this and other sensitive information protected under federal privacy laws was visible to anyone with a Tulane email address…