Brian Krebs reports: National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA…
Category: Health Data
Indian onlinebloodbank FINALLY secures exposed donors database
It’s been a frustrating matter, but it may finally be resolved, thanks to the individual known as @fs0ciety on Twitter. In May 2019, DataBreaches.net was alerted to an online bloodbank in India that had a misconfigured Amazon s3 bucket. Despite repeated emails by this site and even a phone call from Banbreach infosec in India,…
Unprotected patient data in the Internet – a review 60 days later, or The Good, the Bad, and the Ugly
A report by Greenbone Networks in September about the leak of medical images online made waves — including spurring Senator Warner to ask HHS OCR what it was doing in response to the report. Today, Greenbone reached out to a number of sites to alert us all to an update to their report. From their…
IE: Liver patients exposed in data breach
John Burke reports: Patients at a Dublin-based company, which conducts liver scanning procedures, have been informed of a significant data breach affecting the company’s email system. RTÉ’s This Week programme has learned that the company, Liver Wellness, wrote to customers last month to say that the company’s email account had been hacked. The company said…
AU: Drug rehab patients left exposed after fraudster hacks files
Deborah Cornwall reports: A major security breach at one of NSW’s largest drug rehabilitation services has left hundreds of past and current patients at risk, with many reporting their bank, tax and superannuation accounts, as well as highly confidential records, have been hacked. Adele House runs in-house drug and alcohol rehabilitation programs in Werrington, in…
CAH Holdings issues notice after employee email accounts compromised
What follows is a somewhat unsatisfactory notice. It does not indicate when the email accounts were compromised. It does not indicate when the firm first discovered it or how they discovered it. It does not indicate how many people are being notified by them. It does not explain to patients why a holdings firm has…