Arthur White-Crummey reports: After finding numerous security gaps on laptops, tablets and smartphones connected to the eHealth system, Saskatchewan’s provincial auditor warned they could increase the risk of cyberattacks like the one that compromised sensitive personal information late last year. Judy Ferguson’s office identified unencrypted devices, inappropriate security settings, unrestricted USB ports and untrained staff…
Category: Health Data
CHI St. Luke’s Health Memorial Lufkin notifies patients of April security incident
June 22 — CHI St. Luke’s Health-Memorial Lufkin announced today that it has taken action after becoming aware of an incident that took place on April 23, 2020 in which an unapproved third party gained access to patient information. Though we have no evidence to confirm that information was actually viewed or obtained by the…
Florida Orthopedic Institute hit by ransomware
Florida Orthopedic Institute has notified the California Attorney General’s Office of a ransomware attack on April 6. Their notification does not indicate what type of ransomware was involved, or whether they paid any ransom. They are offering their patients identity monitoring services with Kroll, but note that they have no evidence that any patient data…
Ministry still tracing cause of Indonesia’s COVID-19 patient data leak
Antara News reports an update to a breach that first came to light when a data broker listed the data for sale on RaidForums. The Ministry of Communication and Informatics (Kominfo) currently continues to trace the reason behind the alleged hacking of a database containing information of the country’s COVID-19 patients that was circulated in…
New York Patients’ Data Breach Claims Sent Back to State Court
Mary Anne Pazanowski reports an update to litigation that stemmed from a breach in 2018 that was disclosed by Episcopal Health Services in November 2018 and then updated in 2019. A group of New York patients claiming that Episcopal Health Services Inc. failed to protect their private information from unauthorized disclosures can proceed in state…
Why weren’t patients told that their data was dumped publicly?
On May 13, DataBreaches.net reported that Ako ransomware operators revealed that they had attacked North Shore Pain Management in Massachusetts. The threat actors announced the attack and dumped some of the practice’s files when the medical practice did not pay their ransom demand. The data dump, consisting of more than 4 GB of more than…