University of Florida Health Shands officials have notified 1,562 individuals affected by a privacy incident involving a former employee who accessed medical records outside the scope of their duties between March 30, 2019 and April 6, 2021. Although this information did not involve Social Security Numbers, insurance details or other financial information, some demographic information…
Category: Health Data
IA: Wolfe Eye Clinic victim of Lorenz threat actors
There is no notice of any cyberattack on the web site of Wolfe Eye Clinic in Iowa, but the clinic has been investigating and addressing an alleged attack for more than one month now while patient care continues at their multiple locations. On April 1, threat actors known as Lorenz added the clinic to its…
UK: Edinburgh mental health clinic in probe after client information accessed in scam
James Delaney reports: An Edinburgh mental health clinic is at the centre of a probe into a data breach resulting in hundreds of client contact details being accessed as part of a phishing scam. Bosses at The Edinburgh Practice, which offers a range of psychological and psychiatric counselling, were accused of failing to properly notify patients of the…
UK: NHS vaccination website leaks people’s medical data
Joel Khalili reports: A gaping security hole has been discovered in the NHS vaccination booking website, which can be easily exploited to find out whether someone has received a jab. The problem relates to the way the website treats different users, depending on how far along they are in the vaccination process. Read more on…
WA: SEIU 775 Benefits Group notifying 140,000 about hack
On April 4, SEIU 775 Benefits Group in Washington experienced abnormal activity in their system and started investigating. Their investigation revealed that an unauthorized individual had gained access to their systems and had deleted some files with personal and protected health information in the process. There was no evidence, however, that the unauthorized individual had…
Nexelis Group responds to malware attack on systems formerly owned by Pacific Biomarker
Here’s another breach that has not been in the headlines (or at least, not yet). On November 8, 2020, Nexelis Group discovered that their system had been encrypted by malware. According to the notification letter sent to patients in April, the information was contained on the server of a company that Nexelis recently acquired, Pacific Biomarkers….