On June 24, 2021, Metro Infectious Disease Consultant (MIDC) learned that some individuals’ personal information could have been accessed when an unauthorized third party gained access to certain employees’ email accounts. MIDC has no reason to believe that anyone’s personal information has been misused for the purpose of committing fraud or identity theft or that…
Category: Health Data
NL: Data leak at Radboudumc hospital was caused by former employee
This is a Google translation of a story in Dutch: The data breach at Radboudumc in Nijmegen is due to a former employee, the hospital reports in an update . Due to the leak, the data of an unknown number of employees is on the street. The hospital discovered the data breach earlier this month. Names, login names, email addresses and…
Internal emails raise questions about government’s investigation into Walgreens privacy breach
I am so glad to see a follow-up on this case because I had the same questions about how and why Walgreens did not suffer the same federal penalties as CVS and Rite Aid for the same infringement of HIPAA. My original coverage of this breach is no longer online as the former version of…
Update on Eskenazi Health Cyber Incident
Eskenazi has issued an updated notice about their security incident. They talk about “if they find” PII or PHI, but the reality is that this site already saw and reported that there was such information in the data dumped by Vice Society. From this site’s perspective, the only question is how many employees and patients…
UT: Phishing attack exposes medical information for 12,000 patients at Revere Health
Sean Hemmersmeier reports: A healthcare employee was the subject of a phishing email attack that exposed some medical records for approximately 12,000 patients, including patients of cardiology practice in St. George, according to a press release sent out by healthcare company Revere Health on Friday. The employee’s email was breached for roughly 45 minutes on…
Atlanta Allergy & Asthma first mails notices to patients; data was dumped back in March
On March 3, DataBreaches.net reported that Atlanta Allergy & Asthma had apparently been compromised by Nefilim threat actors, who had dumped more than 2 GB of patient-related files on a dedicated leak site. DataBreaches.net not only reported that, but provided a redacted screencap and noted that this site had reached out to the covered entity…