On July 1, DataBreaches reported that Mount Desert Island Hospital (MDIH) in Maine notified HHS on June 30 that 24,180 patients had been affected by a breach between April 28 and May 7. The types of protected health information involved included name, address, date of birth, driver’s license/state identification number, Social Security number, financial account…
Category: Health Data
OCR Presents: How the Security Rule Can Help Defend Against Cyber-Attacks
The HHS Office for Civil Rights (OCR) will be producing a pre-recorded webinar for HIPAA covered entities and business associates (collectively, “regulated entities”) discussing how the Security Rule can help regulated entities defend against cyber-attacks. The webinar will discuss real world cyber-attack trends from OCR breach reports and investigations and explore how implementation of appropriate…
Israeli mental health center in Jerusalem hit with cyberattack
The Jerusalem Post reports: The Kfar Shaul Mental Health Center in Israel’s capital of Jerusalem was hit with a suspected cyberattack, the Health Ministry said Tuesday. The ministry’s cyber security department, as well as Israel’s Cyber Authority, are looking into the incident. The Times of Israel also reports a cyberattack, but says the suspected cyberattack…
Visiting Physician’s Network in Texas silent about ransomware attack and incident response
One of the newer ransomware groups to open a leak site is “ThreeAM.” Bleeping Computer recently reported that the ThreeAM malware is written in Rust, and on at least one occasion, researchers discovered that when LockBit failed, ThreeAM (aka 3AM) was successfully deployed. Symantec has more details on the malware and the group’s methods. ThreeAM…
More victims of MOVEit breach are revealed: Nuance discloses for covered entities (UPDATE 1)
Add yet one more business associate to those affected by the Clop attack on Progress Software MOVEiT. Nuance has disclosed that it was affected by the May attacks. Although no number was revealed, the Microsoft-owned technology firm stated it was disclosing on behalf of: Atrium Health, the Charlotte-based health care system giant. Catawba Valley Medical…
Personal information of thousands of Sanford Health patients potentially compromised
Gretchen Hjelmstad reports: The imaging vendor Sanford Health uses for its mobile heart screen trucks, DMS Health Technologies, experienced a data security incident between March 27 and April 24, 2023. According to Sanford Health, patient information was potentially compromised including name, date of birth, date of service, physician name and exam type. Sanford Health is…