Mary Anne Pazanowski reports an update to litigation that stemmed from a breach in 2018 that was disclosed by Episcopal Health Services in November 2018 and then updated in 2019. A group of New York patients claiming that Episcopal Health Services Inc. failed to protect their private information from unauthorized disclosures can proceed in state…
Category: Health Data
Why weren’t patients told that their data was dumped publicly?
On May 13, DataBreaches.net reported that Ako ransomware operators revealed that they had attacked North Shore Pain Management in Massachusetts. The threat actors announced the attack and dumped some of the practice’s files when the medical practice did not pay their ransom demand. The data dump, consisting of more than 4 GB of more than…
Pennsylvania health system hit by NetWalker ransomware
NetWalker ransomware operators have added Crozer-Keystone Health System to their list of victims who have not paid their ransom demands. In a post on the threat actors’ website today, they note that they will start dumping data in six days if the Pennsylvania-based health system does not meet their demands. Their public threat does not…
Suspected UMPC hacker accused of stealing employee data from 65,000 UPMC employees arrested in Detroit
Torsten Ove reports: A man accused of hacking the human resources databases at the University of Pittsburgh Medical Center starting in 2014 and stealing the data of 65,000 employees was arrested Tuesday in Detroit. Justin Sean Johnson is under indictment in Pittsburgh on charges of conspiracy, wire fraud and aggravated identity theft in connection with…
Care New England website remains down; no evidence found of data exfiltration
Brian Amaral provides an update on what sounds like a ransomware attack: Care New England’s investigation into ongoing IT problems hasn’t turned up any evidence of unauthorized access to patient information, the nonprofit’s president and CEO said Wednesday. Dr. James Fanale said Care New England, which includes Kent Hospital, Women & Infants Hospital and Butler…
UK: Patient privacy breach at Chatham-Kent Health Alliance
Bruce Corcoran reports: A Chatham-Kent Health Alliance (CKHA) employee went snooping into the health records of 40 patients in recent months; they are no longer with the organization. Justin Turkington, director of human resources and occupational health and safety for the alliance, said the information breach took place over a matter of months – from…