Tabitha Wells reports: Headwaters Health Care Centre has provided an update regarding the suspicious email activity that led to the closure of its COVID-19 assessment centre and affected a number of internal systems. On Friday afternoon (Nov. 26), the hospital posted a second notice to its website, confirming a data breach. Read more on Orangeville.com
Category: Health Data
OR: One Community Health reports April cyberattack
On September 13, DataBreaches.net added an entry to the monthly worksheet this site maintains for annual data analyses. The entry was for “One Community Health” in Oregon, but it was not the covered entity that announced the breach. DataBreaches.net learned about the breach from Pysa threat actors who had added the covered entity to their…
Alberta Health says privacy breach possible on province’s vaccine passport website
CBC reports: The province’s vaccine record website experienced a possible privacy breach, Alberta Health said in a statement Thursday. Alberta Health says it has received reports of at least 12 users who downloaded the wrong information from the province’s COVID-19 vaccination record website on Wednesday. The record those users downloaded contained the name, date of birth and vaccine…
Class Certification Order Lifted in Data Breach Lawsuit Against West Virginia University Health System
HIPAA Journal reports: A class action lawsuit filed against West Virginia University Health System over a breach of the protected health information of 7,445 patients has had the class certification order lifted by the Supreme Court of Appeals of West Virginia. The lawsuit is related to an insider data breach that occurred in 2016. Between…
Huntington Hospital discloses insider criminal breach after law enforcement lifts delay on notice
Huntington Hospital in New York has disclosed an insider-wrongdoing incident that occurred between October 2018 and February 2019. Although they determined in February, 2019 that the now-former employee was engaging in unauthorized access to patient records, and suspended the employee (and eventually terminated the employment), they were asked to delay notification to those impacted until…
Three months after ransomware attack and two months after data was dumped, UHC has yet to notify patients in writing
On September 25, DataBreaches.net reported on a ransomware attack suffered by United Health Centers of San Joaquin Valley (UHC). BleepingComputer had also reported on the incident the day before. Neither this site nor BleepingComputer had been able to get a statement from UHC at the time, but it was clear from the data dumped by…