Sometimes, reports submitted to HHS do not show up on their breach tool for a few weeks. A breach report submitted January 2 by Lawrenceville Internal Medicine Associates of NJ caught my eye today. The incident, coded as unauthorized access/disclosure of protected health information in email, reportedly impacted 8,031 patients. The following is a notice…
Category: Health Data
Ca: Former Covenant Health employee fined for privacy breaches after accessing health records of 16 people
Anna Junker reports: A former employee for Covenant Health has been fined after pleading guilty to knowingly accessing health information contrary to the Health Information Act. On Jan. 20, Amanda Vandenberg admitted to illegally accessing health records of 16 people on 465 occasions that occurred at the Misericordia Community Hospital where she was employed as…
Access Health CT notifying 1,100 consumers of data breach
Access Health CT is notifying 1,100 consumers about a data breach. Their notice, reproduced below from their website, does not explain how the breach happened or what it involves. It sounds like they want consumers to take action to sign up for free services, but it would be helpful to know *why* consumers should be…
Privacy, ransomware breach hits Lower Mainland social support group
Jeremy Hainsworth reports: …The Lookout Housing + Health Society, which works in 14 Lower Mainland municipalities, serving 2,500 people a day and housing 1,400 per night, was hit with a ransomware attack. Lookout provides a medical and dental clinic, food bank, needle distribution and community clean-up, HIV and Hep C supports, peer and employment programs and youth counselling programs….
Maze Team updates its site, dumps more victims’ data
The Maze Team attackers continue to announce more of their ransomware victims that have not complied with their ransom demands, and they continue to dump data from those who do not pay them. When I checked their site again today, I noticed that they had announced that they have dumped all their files on the…
VillageCareMAX & VillageCare Rehabilitative & Nursing Center Notices of Data Privacy Incident After Business Email Compromise
The following is part of the notice Village Senior Services Corporation d/b/a VillageCareMAX posted on their website. Note that the attacker was apparently requesting names and Medicaid ID numbers, which makes me wonder what the plan for misuse was — insurance fraud, perhaps? VillageCareMAX (“VCMAX”) is providing notice of an incident that may affect the…