A rehabilitation and support services agency that provides services to more than 3,000 individuals with psychiatric and substance abuse disorders each year has been the victim of a cyberattack by threat actors call themselves “Grief.” Rehabilitation Support Services, Inc. (RSS) operates in 13 upstate New York counties through 5 service divisions. According to their web…
Category: Health Data
Hackety hack hack…
There are so many breach reports that it’s hard to even find all the notices and reports about them these days. These days, there are many breaches that I log in worksheets I compile for Protenus’s Breach Barometer annual report but never even post on this blog. Just today, for example, I found: a notice…
Canadian non-profit hit by malware gets help — from the threat actor
Good Shepherd Centres in Canada recently disclosed a breach involving protected health information that occurred on September, 27, 2020. On June 29, Good Shepherd posted a statement that explains that it had been the victim of an attempt to shut down its systems, but that the attacker(s) “quickly facilitated restoration after realizing that Good Shepherd…
Belden issues substitute notice for November, 2020 breach
In November, 2020, networking equipment vendor Belden revealed that they had been the victim of a cyberattack. DataBreaches.net noted it at the time, but did not realize any protected health information was involved until April, 2021, when Belden notified HHS that protected health information they maintained as part of their health plan had been potentially…
Norwegian DPA: Oslo University Hospital ordered to amend agreements
The Norwegian Data Protection Authority’s inspection of Oslo University Hospital (OUH) reveals that the hospital cannot document satisfactory control of patient data when the hospital needs laboratory services from other countries. The Data Protection Authority understands that it is important to be able to use laboratories in other countries when the hospital or other Norwegian laboratories do…
Oops: Hundreds of One Medical patients’ emails exposed
Elise Reuter reports on what, indeed, was a big OOPS! An errant email sent to hundreds of One Medical patients exposed their email addresses. Several One Medical patients took to Twitter on Wednesday night sharing screenshots of the same email that was addressed to more than 900 people. It’s possible that the email was sent in batches…