In July, DataBreaches.net reported on a leak it had discovered in June. On September 17, Medico of South Carolina reported a breach to HHS that reportedly impacted 6,489 patients. On December 11, they issued a press release that appears to be related to the same incident. Medico of South Carolina “(Medico”) is a medical billing company…
Category: Health Data
Cheyenne Regional Medical Center notifying patients; employee email accounts had been hacked in March
Cheyenne Regional Medical Center in Wyoming has posted a data security incident notice on its website. According to the notice, on or about April 5, 2019, CRMC became aware of suspicious activity related to certain employee payroll accounts and launched an investigation. They ultimately determined that some CRMC employee accounts were accessed without authorization between…
Months-Long Privacy Breach Involving Meal Tray Tickets at Zuckerberg SF General Hospital: DPH
Bay City News reports: The San Francisco Department of Public Health announced Tuesday a privacy breach at Zuckerberg San Francisco General Hospital involving patients’ meal tray tickets that were improperly disposed into regular garbage bins. The tickets, which contained patients’ full names, birth month and day, bed/unit location at the hospital, diet information and menu…
Hairmyres Hospital creep facing jail over data protection breach
East Kilbride News reports: A Hairmyres Hospital worker chatted up patients after breaching data protection rules to get contact details from their medical records. Andrew Stewart had access to patient files at two different medical facilities, and allegedly misused his access privileges to obtain contact data on female patients whom he would then contact. He…
How can we screw up incident response? Let me count the ways — Monday UK Edition
This week, DataBreaches.net was reminded yet again of the risks of trying to alert an entity to a breach. This time, it was not me who was threatened or any of the whitehat researchers I know. This week, it was a citizen who found patient records on the street in his town and undertook to…
Banner Health agrees to $6 million settlement over 2016 breach
Jessica Kim Cohen reports an update on a 2016 breach covered on this site: Banner Health has agreed to pay up to $6 million to victims of a massive data breach the Arizona health system experienced in 2016, according to court documents filed last week. The plaintiffs in the case filed the motion for preliminary…