I missed this one a few weeks ago, it seems. On June 9, CGTN Africa reported: South Africa’s Life Healthcare said on Tuesday its southern African operation was hit by a cyber attack affecting its admissions systems, business processing systems and email servers, but is yet to determine the extent to which data has been…
Category: Health Data
PH: Unauthorized disclosure of COVID-19 patients’ identities continues
Nikko Dizon reports: As the number of coronavirus cases in the Philippines steadily increased from mid-March to late May, the National Privacy Commission (NPC) had been investigating 22 complaints of privacy breaches involving more than 150 COVID-19 patients, as well as suspected and probable cases. In at least 7 of these cases, the breach was committed…
Magellan ransomware attack impacted multiple subsidiaries and affiliates (UPDATE 2)
On May 12, DataBreaches.net reported that Magellan Health was notifying an unspecified number of individuals as a result of a ransomware attack. At the time they wrote their notification letter, Magellan stated that investigators had found that a subset of data had been exfiltrated from a single corporate server. As explained in their first notification…
LifeLabs failed to protect the personal health information of millions of Canadians- Privacy Commissioners
In November, 2019, Canadian testing laboratory provider LifeLabs disclosed a data breach. In February, 2020, it tried to block regulators from accessing a report on the breach prepared for it by Crowdstrike. Today, the B.C. and Ontario privacy commissioners released their report on the incident. It was highly critical of LifeLabs. Knowing that the report…
If you needed yet one more example of the risks of PHI in employee email accounts
I’m not sure what it might take to get a real shift in how entities approach security of employee email accounts. Despite known risks of phishing and hacks, a tremendous amount of personally identifiable information (PII) and protected health information (PHI) resides in emails or email attachments in employee accounts. Read the following chronology provided…
Georgia hospital claims it is investigating medical records theft, suspends employees
Laura Dyrda reports that Landmark Hospital of Athens in Georgia is investigating the theft of medical records and on June 19 suspended three employees who may have been involved. But there’s likely a lot more to this story than employees stealing medical records. Four nurses at that hospital have filed a lawsuit against the hospital accusing…