In April 2023, Brightside Health, Inc. reported a breach to HHS that affected 767 patients. The incident was coded as “unauthorized access/disclosure” of information located in “EMR, other.” HHS’s closing statement on the public breach tool described the incident this way: The covered entity (CE), Brightside Health, reported that an unauthorized individual accessed the protected…
Category: Health Data
HHS Office for Civil Rights Settles HIPAA Security Rule Failures for $950,000
Settlement with Heritage Valley Health System marks OCR’s third ransomware settlement as the agency sees 264% increase in large ransomware breaches since 2018 The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced a settlement with Heritage Valley Health System (Heritage Valley), which provides care in Pennsylvania, Ohio and West…
How many clients and patients were affected by a ransomware attack on EqualizeRCM? We have no idea.
On August 17, 2023, SysInformation Healthcare Services, LLC, d/b/a EqualizeRCM (“SysInformation”) notified HHS of a breach. The firm, a business associate that provides revenue and billing cycle management services, reported that 501 patients had been affected. That number is generally interpreted as a placeholder marker when the entity has not yet figured out the real…
Za: Cybersecurity breach causes lab test delays, says Gauteng health department
TimesLIVE reports an update on a ransomware attack on the National Health Laboratory Services. The attack was confirmed by NHLS on June 25 and is still significantly impacting services. DataBreaches has not spotted any ransomware group or threat actor claiming responsibility for this one. There are delays in processing laboratory tests across public health facilities…
Russian hackers attack KBC Zagreb, Croatia’s largest hospital
TVP World reports: Russian hackers have claimed responsibility for carrying out a cyberattack on Croatia’s largest hospital. They demanded that the facility’s authorities pay a ransom by July 18, Serbian website Danas reported on Monday. The Zagreb teaching hospital was hacked last Thursday by the Russian LockBit 3.0 virus, used to steal data that enables…
Mass General Brigham fires two employees after patient data breach
Bryan Lambert reports: Mass General Brigham says some patients may have had personal information exposed after two employees allegedly allowed an unauthorized person access to private records. The hospital says on April 4 it was made aware of an incident where patients’ personal info, including name, address, medical record number, date of birth, email address,…