Update: On December 2, Sunshine Behavioral Health reported this incident to HHS as impacting 3500 patients. They also ticked the box for Business Associate. Update 2: On January 23, 2020, ID Experts submitted a copy of their notification to patients to the Vermont Attorney General’s Office. Another day, another leak. In this case, an error…
Category: Health Data
Medical supply firm notifies patients after phishing incident
Updated Nov. 20: This incident was reported to HHS as impacting 114007 patients. Original post: Solara Medical Supplies, LLC in Chula Vista, California is notifying some of their patients and employees after discovering that attackers had successfully gained access to some employees’ email accounts that contained employee and patient information. According to a press release…
Ca: No answers on Fort Simpson dump breach until 2020 due to privacy breach backlog
Hilary Bird reports: Almost a year after boxes of personal medical records were found at the Fort Simpson dump, the Northwest Territories Information and Privacy Commissioner hasn’t had time to investigate the breach. A spokesperson for Elaine Keenan-Bengts’ office says that because of a backlog, the commissioner won’t be able to look into the incident…
Analyzing Careless Users, An Often Overlooked Threat
Many have written about how to mitigate the risks posed by malicious insiders. But what about the vulnerabilities associated with Careless Users? What actions can healthcare organizations take to better prevent a breach caused by internal negligence? The Clearwater CyberIntelligence® Institute analyzed the Critical and High risks found in Clearwater’s IRM|Analysis™ database, specifically focusing on…
The University of North Carolina- Chapel Hill School of Medicine Notifying Patients After 2018 Phishing Incident
Some readers may have trouble accessing a notice from the School of Medicine at the University of North Carolina — Chapel Hill due to an issue with Chrome, so I’m embedding the whole notification below. TL;DR version: some employees fell for a phishing attack and their email accounts may have been accessed between May 17,…
CT: Starling Physicians Warns Patients of Data Breach
NBC reports: According to an announcement released Tuesday, Starling was the target of a cyber-phishing attack on February 8. When the Connecticut-based healthcare group learned of the breach, they secured the affected email accounts and hired a forensic security firm. On September 12, investigation found that the email accounts affected by the attack contained information…