Ayesha Arvind reports: The Madras High Court Wednesday dismissed the petition filed by cyber security researcher Himanshu Pathak seeking a probe into the alleged data breach at national insurance firm, Star Health Insurance. Justice M Dhandapani dismissed Pathak’s petition after noting that a civil suit filed by Star Health last year dealing with the same issue is already pending…
Category: Health Data
The Global State of Internet of Healthcare Things (IoHT) Exposures on Public-Facing Networks
Censys recently published a new research report that looks at exposed data on the internet involving healthcare devices and systems connected to PHI. Here’s their Executive Summary: Censys discovered 14,004 unique IP addresses exposing healthcare devices and data systems connected to potentially sensitive medical information on the public internet. These exposures greatly raise the risk of unauthorized…
Rocky Mountain Gastroenterology appears to have been attacked by three different groups; more than 169,000 patients affected (1)
Update: On November 13, Rocky Mountain Gastroenterology (RMG) reported the incident to HHS OCR as affecting 366,491 patients. RMG never responded to the inquiries this site submitted to it on October 19 and October 27. SuspectFile reports: This article will cover what appears to be a triple cyberattack on the IT systems of Rocky Mountain Gastroenterology (RMG), a…
2nd Settlement Triggered by 2017 Ransomware Attack Costs WA Practice $100K; ‘Not a Breach’
DataBreaches recently posted a press release from HHS OCR that announced a settlement with Cascade Eye and Skin Centers following a ransomware investigation. Theresa Defino of Report on Patient Privacy (RPP) dug into the incident and investigation more, and her reporting services as a great reminder that HHS’s press releases frequently do not really answer…
Birth Choice of San Marcos to notify patients of breach at National Diagnostic Imaging
On March 16, 2024, National Diagnostic Imaging (NDI) experienced a network disruption. Their investigation subsequently revealed that they had been the victim of unauthorized access between February 19, 2024, and March 27, 2024. According to a letter from one of their clients, they notified Birth Choice of San Marcos on August 19 of the scope…
Double trouble: DoctorsToYou has not one, but two data security incidents to address
On Wednesday, the RansomHub ransomware group added a listing for DoctorsToYou in New York to their leak site. Their listing included several screencaps that revealed personally identifiable information (PII) and protected health information (PHI). Some of the files specifically showed their name or letterhead. The listing did not indicate how many GB of data RansomHub…