Huang Li-yun and Matthew Mazzetta report that the hacker known as “Crazyhunter” on Breach Forums has been identified and prosecutors are seeking an arrest warrant for him: The Criminal Investigation Bureau (CIB) on Wednesday said it had identified the suspect behind the hacking and attempted extortion of MacKay Memorial Hospital as a 20-year-old Chinese man,…
Category: Health Data
Lawsuit: Pharmacist used spyware on UMMS computers to watch women, gain personal information
For your reminder of the insider threat for this week, Tolly Taylor reports: A Maryland pharmacist is accused of installing spyware on 400 computers over eight years to watch women at the hospital or in their homes, a lawsuit alleges. Six women filed a civil lawsuit on Thursday against the University of Maryland Medical System,…
16 months after they experienced a ransomware attack, Dameron Hospital notifies those affected
In 2017, Dameron Hospital in Texas reported a breach to the California Attorney General’s Office. No copy of its breach notification was uploaded to California’s breach site, and Dameron did not respond to this site’s email asking for details of the breach. The incident never appeared on HHS’s public breach tool, so we never found…
Vitenas Cosmetic Surgery patient data hacked and leaked
From the We-Wish-This-Was-An-April-Fools-Joke-But-It’s-Not department: It appears that another plastic surgery entity has fallen prey to a cyberattack, and once again, a lot of sensitive patient data has been leaked. Paul Vitenas, Jr., M.D., F.A.C.S. is the founder of Vitenas Cosmetic Surgery, Mirror Mirror Beauty Boutique, and the Houston Surgery Center in Texas. On March 5, …
Oracle Health breach compromises patient data at US hospitals
Oracle Health is becoming this year’s poster child for how NOT to respond to an incident. Lawrence Abrams reports: A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers. Oracle Health has not yet publicly disclosed the incident, but in private communications sent to…
Change Healthcare Seeks Dismissal of Data Breach Lawsuits Brought by Consumers and Medical Providers
Irvin Jackson reports: Change Healthcare Inc. has filed a number of motions to dismiss lawsuits brought on behalf of both individuals and healthcare providers, seeking damages for a massive data breach last year, which exposed private health information for about a third of all Americans, and disrupted the processing of medical payments for providers nationwide….