On March 3, DataBreaches.net reported that Atlanta Allergy & Asthma had apparently been compromised by Nefilim threat actors, who had dumped more than 2 GB of patient-related files on a dedicated leak site. DataBreaches.net not only reported that, but provided a redacted screencap and noted that this site had reached out to the covered entity…
Category: Health Data
South Florida Community Care Plan Notifies Members After Discovering Unauthorized Disclosure
SUNRISE, Fla., Aug. 20, 2021 /PRNewswire/ — South Florida Community Care Plan (“CCP”) in Sunrise, Florida announced today that it has taken action after becoming aware of unauthorized disclosure of certain member information. CCP is providing notice of this event to potentially impacted individuals, as well as certain regulators. What Happened? On June 21, 2021, while reviewing a former employee’s email account, CCP…
Willdan Group, Inc. (“Willdan”) Provides Notice Of Data Privacy Incident
The following press release relates to an incident that Conti claimed in February, 2021. Conti dumped data from the entity on March 1, 2021 consisting of of more than 136 GB of data in 97,000 files. ANAHEIM, Calif., Aug. 18, 2021 /PRNewswire/ — Willdan Group, Inc. (“Willdan”) is providing notice of a recent incident that may affect the…
A bug in a medical startup’s website put thousands of COVID-19 test results at risk
Zack Whittaker reports: A California-based medical startup that provides COVID-19 testing across Los Angeles has pulled down a website it used to allow customers to access their test results after a customer found a vulnerability that allowed access to other people’s personal information. Total Testing Solutions has 10 COVID-19 testing sites across Los Angeles, and processes…
Data breach from contact tracing survey ‘low risk’ to Hoosier privacy, 750,000 affected
WANE reports: The Indiana Department of Health announced Tuesday it is notifying nearly 750,000 Hoosiers that data from the state’s COVID-19 online contact tracing survey was improperly accessed back in July. The data included name, address, email, gender, ethnicity and race, and date of birth. “We believe the risk to Hoosiers whose information was accessed…
New details — and data — emerge from Eskenazi Health ransomware incident
On August 4, this site noted that Eskenazi Health in Indiana had reportedly gone on diversion protocols following an attempted ransomware attack. On August 9, the hospital reported that it was still on diversion but that no patient or employee data was affected by the attack – or at least as far as they could…