On October 13, BlackCat (AlphV) threat actors first threatened to leak data from Morrison Community Hospital (MCH) in Illinois. Shortly thereafter, the listing was removed, only to be re-listed on October 19 with a claim by BlackCat that because the hospital had not given them a clear response, they were going to leak a little…
Category: Health Data
Breaking Trust: Hospital Worker Suspended For Invasion Of Patient’s Privacy
Cheryl King reports: In a shocking incident at the Government Ariyalur Medical College Hospital, a temporary housekeeping staff has been suspended for violating patient privacy. The accused, Manikandan of Kadur in Perambalur, allegedly took a photo of a male patient who was lying unconscious and naked in the operation theatre and shared it on WhatsApp….
South Australian health patients caught up in data breach of third-party platform Personify Care
ABC reports: Thousands of South Australian public health patients are being contacted over a data breach of a third-party run portal. The state government said “unintentional human error” by patient portal Personify Care allowed an “unauthorised third party” to delete a folder used to store patient documents uploaded to an online platform. Department of Health…
Six months after data security incident, Fredericksburg Foot & Ankle Center notifies patients (1)
On October 24, the Fredericksburg Foot & Ankle Center (FFAC) in Virginia began mailing breach notification letters to almost 15,000 patients affected by a cyberattack. The letter’s “What Happened?” section simply stated, “As a result of a recent data security incident, an unauthorized person accessed our computer systems.” It did not mention ransomware or any…
Inadequate security measures: the Guarantor sanctions an ASL. The healthcare facility had suffered a ransomware attack
The following is a Google machine translation of a post by Italy’s data protection regulator. It strikes me yet again how entities covered by the GDPR get fined for poor or inadequate security practices that should — but generally do not — incur monetary penalties here: Sanction by the Privacy Guarantor of 30,000 euros to a…
In the throes of bankruptcy and hit by a ransomware attack, Akumin still unable to provide many diagnostic services to patients
On October 18, WFLX reported that Akumin was turning away patients after an apparent ransomware attack. The attack was potentially very concerning because Akumin provides medical scans and radiology services for about 1,000 hospitals and health systems in 48 states, although it is headquartered in Florida. Akumin first noticed suspicious activity on Oct. 11 and…