Bill Toulas reports: A data breach at an unnamed French hospital exposed the medical records of 750,000 patients after a threat actor gained access to its electronic patient record system. A threat actor using the nickname ‘nears’ (previously near2tlg) claimed to have attacked multiple healthcare facilities in France, alleging that they have access to the patient…
Category: Health Data
NY: Equinox notifies clients and employees of April data security incident
On November 15, Equinox notified clients and staff members about what they described as a data security incident on April 29. With a little digging, DataBreaches realized that it was an attack by LockBit3.0. Equinox is a human services organization that serves clients in the capital region of New York State, providing services to 3,500…
Patients at center of data breach case win $65M settlement against Lehigh Valley Health Network
Nicole Leonard reports: A Pennsylvania judge has cleared the way for a $65 million settlement with Lehigh Valley Health Network in a data breach case that involved stolen medical records and nude photos of cancer patients, taken during exams, posted on the dark web by a Russian cybergang. At a hearing Friday in Lackawanna County Court, Senior…
Idaho man who hacked medical entities and made vile threats sentenced to 10 years in prison (1)
An Idaho man who worked as an Information Technology Specialist for Ada County by day has been sentenced to prison for hacking medical offices and threatening his victims if they didn’t pay his ransom demands. Background of the Case In July 2017, DataBreaches reported a hacking incident with a ransom demand where the description of…
Artificial intelligence and cybercrime: implications for individuals and the healthcare sector
Introduction: The malicious use of artificial intelligence has created new types of security threat for both individuals and the healthcare sector. Although artificial intelligence is a fundamental technology of our age, it has enabled the creation of new types of large-scale cyberthreat, and artificial intelligence-based cybercrime has grown rapidly worldwide. Medical data are a prime…
Still in the dark: A “500 marker” is updated, but too many still aren’t. Is HHS doing anything about this??
In March 2024, LockBit3.0 added Redwood Coast Regional Center (RCRC) to its leak site. On May 3, RCRC notified HHS of the March 6 incident, reporting that 500 patients had been affected. RCRC only recently updated that report to indicate that 24,937 patients were affected. On or about November 5, they began mailing out letters…