i24News reports a surge in anti-Israel cyberattacks, including targeting critical entities such as hospitals: Notably, around 40 to 50 different groups have claimed responsibility for approximately 400 cyber attacks against Israeli targets. The cyber conflict has also drawn in ‘hacktivists’ from countries such as Iran and Russia. Messing notes, that in the past few days…
Category: Health Data
‘Data security event’ in city’s email system may have exposed health information, Philly officials say
Nick Vadala reports: A potential data breach in the City of Philadelphia’s email system earlier this year may have exposed protected health information for an unspecified number of people. Read more at The Philadelphia Inquirer. It is not clear from what the city has disclosed why it took them almost 5 months from initial discovery…
HIPAA requires employers to sanction employees who violate HIPAA. Did you know that?
From HHS’s October cybersecurity newsletter: Last year, the Department of Health and Human Services’ (HHS) Health Sector Cybersecurity Coordination Center (HC3) released a threat brief on the different types of social engineering1 that hackers use to gain access to healthcare information systems and data.2 The threat brief recommended several protective measures to combat social engineering, one of…
BlackCat threatens to leak data from Morrison Community Hospital (1)
On October 13, AlphV threat actors added Morrison Community Hospital to their dark web leak site. Within hours, it appeared to have been removed. Today, it was re-listed with this commentary by AlphV: HUGE LEAK COMING! SQL + DATA = 5TB Given that we haven’t received a clear response from MCH representatives, we’ve decided to…
Personal Touch Holding settles NY Attorney General’s lawsuit stemming from 2021 ransomware incident: will pay $350k, improve security
From a press release from the NYS Attorney General’s Office today: New York Attorney General Letitia James today secured $350,000 from a Long Island-based home health care company, Personal Touch Holding Corporation (Personal Touch), for failing to protect vulnerable New Yorkers’ personal information and health care data. Personal Touch’s poor data security made it vulnerable to…
Inmediata settles multi-state litigation for $1.14 million; will improve data security and breach notification practices
Indiana Attorney General Rokita led a coalition of 33 attorneys general in a multi-state investigation and litigation against health care clearinghouse Imnediata stemming from a breach disclosed in 2019. Background In January 2019, HHS OCR alerted Inmediata that protected health information (PHI) maintained by Inmediata was available online and had been indexed by search engines….