On September 24, DataBreaches.net contacted Dyras Dental in Lansing, Michigan to ask about Egregor threat actors’ claim that they had attacked them and exfiltrated data. Dyras Dental did not respond to that contact or to my subsequent DM to them on Twitter. On October 5, not seeing anything on Dyras Dental’s web site or Twitter…
Category: Health Data
Tennessee Proton Therapy Centers Report Cyber Security Breach
Martin Z. Braun reports: Municipal bond-financed facilities that treat cancer by proton radiation in Nashville and Knoxville, Tennessee reported an information technology “security incident” that has resulted in temporary but continuing disruptions to some clinical and financial operations, according to a Dec. 2 bond filing. Read more on Bloomberg Law (sub. req.). From the bond filing:…
Proposed settlement announced in Kalispell Regional Healthcare breach lawsuit
In October, 2019, Kalispell Regional Health suffered a phishing incident that impacted more than 100,000 patients. They were sued shortly thereafter. Today, a proposed settlement of the class action lawsuit was announced. The settlement has yet to be approved and the class hasn’t been certified yet for purposes of the suit. That is all scheduled…
Georgia dental practice discovers it was attacked by ransomware when the attackers call them on the phone
Well, this is a bit different from what I am used to reading. Galstan & Ward Family and Cosmetic Dentistry (Galstan & Ward) is a dental practice in Georgia. On September 9, 2020, they learned that they had been a victim of a ransomware attack — or an attempted attack — when they got a…
Thousands of US lab results and medical records spilled online after a security lapse
Zack Whittaker reports: NTreatment, a technology company that manages electronic health and patient records for doctors and psychiatrists, left thousands of sensitive health records exposed to the internet because one of its cloud servers wasn’t protected with a password. The cloud storage server was hosted on Microsoft Azure and contained 109,000 files, a large portion…
SC: McLeod Health notifying patients after breach of employee email account
From their notice on their web site: McLeod Health (“McLeod”) is committed to protecting the confidentiality and security of our patients’ information. Regrettably, we are addressing an email security incident that may involve some of that information. McLeod is currently reviewing the contents of an email account that was accessed by an unauthorized actor between…