Access Health CT is notifying 1,100 consumers about a data breach. Their notice, reproduced below from their website, does not explain how the breach happened or what it involves. It sounds like they want consumers to take action to sign up for free services, but it would be helpful to know *why* consumers should be…
Category: Health Data
Privacy, ransomware breach hits Lower Mainland social support group
Jeremy Hainsworth reports: …The Lookout Housing + Health Society, which works in 14 Lower Mainland municipalities, serving 2,500 people a day and housing 1,400 per night, was hit with a ransomware attack. Lookout provides a medical and dental clinic, food bank, needle distribution and community clean-up, HIV and Hep C supports, peer and employment programs and youth counselling programs….
Maze Team updates its site, dumps more victims’ data
The Maze Team attackers continue to announce more of their ransomware victims that have not complied with their ransom demands, and they continue to dump data from those who do not pay them. When I checked their site again today, I noticed that they had announced that they have dumped all their files on the…
VillageCareMAX & VillageCare Rehabilitative & Nursing Center Notices of Data Privacy Incident After Business Email Compromise
The following is part of the notice Village Senior Services Corporation d/b/a VillageCareMAX posted on their website. Note that the attacker was apparently requesting names and Medicaid ID numbers, which makes me wonder what the plan for misuse was — insurance fraud, perhaps? VillageCareMAX (“VCMAX”) is providing notice of an incident that may affect the…
LabCorp website bug exposed thousands of medical documents
Zack Whittaker reports: A security flaw in LabCorp’s website exposed thousands of medical documents, like test results containing sensitive health data. …. This latest security lapse was caused by a vulnerability on a part of LabCorp’s website, understood to host the company’s internal customer relationship management system. Although the system appeared to be protected with a…
SC: Tidelands Health named in class action lawsuit after December ransomware attack
Andrew James reports on a ransomware attack on a South Carolina system that has yet to show up on HHS’s public breach tool: The impacts of the December 12 cyberattack on the Tidelands Health Hospital System are unclear, but what is clear is that patients feel they were victimized as a result of negligence. A…