Laura Hautala reports: It’s some of the most sensitive medical information a person could have. Records for potentially thousands of patients seeking treatment at several addiction rehabilitation centers were exposed in an unsecured online database, an independent researcher revealed Friday [link corrected by DataBreaches.net]. The records included patients’ names, as well as details of the…
Category: Health Data
WSU to pay up to $4.7 million for data theft involving 1.2 million people
Breaches that involve health data generally will cost you more. Asia Fields reports: Washington State University learned a costly lesson after a hard drive containing the personal information of more than a million people was stolen from a self-storage locker in 2017. Now, the university is going to have to pay even more. In a…
ME: Acadia Hospital mistakenly released confidential information of 300 Suboxone patients
Callie Ferguson reports: A communications official at Northern Light Acadia Hospital in Bangor mistakenly emailed the confidential names of 300 patients with prescriptions for Suboxone, a medication used to treat opioid use disorder, to an editor at the Bangor Daily News last week. In addition to their names, the list also contained the identities of…
Did ransomware claim a victim or did two doctors just make a poor decision?
An article by William Maruca of FoxRothschild is headlined, “Ransomware Claims A Victim.” It discusses the case of Brookside ENT, whose doctors decided to shutter their practice and retire a year early after a ransomware attack that encrypted their patient data, billing information, scheduling information, and even their backups. In other words, the attacker successfully…
MN: Riverplace Counseling Center Notifies 11,639 Patients After Security Incident
From their notice: ANOKA, MINNESOTA – April 11, 2019 – Riverplace Counseling Center has become aware of a potential data security incident that may have resulted in the unauthorized access to personal information, including health information. Although at this time, there is no evidence of any attempted or actual misuse of anyone’s information as a…
Update on Meditab breach
On March 19, this blog linked to a TechCrunch report about an improperly secured Meditab fax server that potentially allowed fax images with patient information to be accessed from an analytics portal. The exposure had been found by SpiderSilk, a cybersecurity firm in Dubai, who estimated that 6 million images were potentially accessible. The TechCrunch…