James Delaney reports: An Edinburgh mental health clinic is at the centre of a probe into a data breach resulting in hundreds of client contact details being accessed as part of a phishing scam. Bosses at The Edinburgh Practice, which offers a range of psychological and psychiatric counselling, were accused of failing to properly notify patients of the…
Category: Health Data
UK: NHS vaccination website leaks people’s medical data
Joel Khalili reports: A gaping security hole has been discovered in the NHS vaccination booking website, which can be easily exploited to find out whether someone has received a jab. The problem relates to the way the website treats different users, depending on how far along they are in the vaccination process. Read more on…
WA: SEIU 775 Benefits Group notifying 140,000 about hack
On April 4, SEIU 775 Benefits Group in Washington experienced abnormal activity in their system and started investigating. Their investigation revealed that an unauthorized individual had gained access to their systems and had deleted some files with personal and protected health information in the process. There was no evidence, however, that the unauthorized individual had…
Nexelis Group responds to malware attack on systems formerly owned by Pacific Biomarker
Here’s another breach that has not been in the headlines (or at least, not yet). On November 8, 2020, Nexelis Group discovered that their system had been encrypted by malware. According to the notification letter sent to patients in April, the information was contained on the server of a company that Nexelis recently acquired, Pacific Biomarkers….
Medtronic plc notifies patients after employee’s devices accessed by unauthorized person
It hasn’t been in the headlines — at least not yet — but Medtronic, a well-known medical device company, is notifying some customers after an incident one employee’s devices may have compromised personal or patient information. According to a notification letter, on March 12, an employee’s computer, phone, and iPad were “taken and accessed for…
WA: RX Pharmacy, LTC and RX Pharmacies notify patients after discovering hack of email accounts
KNDO and KNDU in Washington report: RX Pharmacy, LTC and RX Pharmacies says their email has been hacked after detecting suspicious activity and protected health information and/or personal information has potentially been compromised. It was discovered that a business email may have hacked on October 6, 2020. Letters have already gone out to those potentially…