Zack Whittaker reports: An internet advertising company specializing in helping law firms sign up potential clients has exposed close to 150,000 records from a database that was left unsecured. The database contained submissions as part of a lead-generation effort by X Social Media, a Florida-based ad firm that largely uses Facebook to advertise various campaigns…
Category: Health Data
Breaches have consequences: AMCA files Chapter 11
Jeremy Hill of Bloomberg reports: Retrieval-Masters Creditors Bureau Inc., whose business was blamed for a large-scale data breach that affected millions of Quest Diagnostics Inc. customers, filed for Chapter 11 protection, citing fallout from the security issue. The company, which collects patient receivables for medical labs under the name American Medical Collection Agency, listed assets…
Ca: Patient data stolen during theft at Red Deer hospital
Mamta Lulla reports: Alberta Health Services is notifying 6,129 patients that their health information may have been viewed by someone other than their authorized care providers. The measure follows the theft of two hard drives contained in equipment in the rehabilitation department at Red Deer Hospital during a break-in in April. Read more on Red…
CO: Hit by ransomware, Estes Park Health decides to pay the ransom to get decryption keys
Zach Clemens reports that Estes Park Health suffered a ransomware attack on June 2. No data was exfiltrated, but it was locked up, and after consulting with their cyberinsurer and IT people, they decided that they had to pay the ransom. “At that point in time we are looking at the patients we have internally,…
OH: N.E.O. Urology pays attackers $75,000 after ransomware attack
Corey Vallas reports N.E.O. Urology in Boardman, Ohio paid attackers $75,000 after their computer systems were encrypted by ransomware. Police say the fax listed “Pay4Day.io” as the contact for further information. Read more on WFMJ. There is no notice on the medical practice’s web site as of the time of this posting, but it’s interesting…
Jury awards patient $300k after hospital employee improperly accessed and shared her records
This is the kind of insider breach that makes patients lose confidence in hospitals. I am not surprised that the jury came down hard on the hospital. Of the $300,000 award, $295,000 is punitive damages against the hospital for not doing anything against the doctor when they were made aware of the problem. A Coffee…