Meow Leaks has added Vanderbilt University Medical Center (VUMC) in Tennessee to their leak site, and has dumped what they claim is 100% of the data they exfiltrated. “The hack was 02/11/23 The company will be hacked again!” they announced on November 18. The leak was posted in two parts, each described as “SQL,”…
Category: Health Data
Welltok data breach exposes data of 8.5 million US patients
Bill Toulas reports: Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Bill’s article has some good information in it, and you can read more at…
Ransomware Attack Delays Medical Care, Residents Seek Alternatives
In the wake of the attack on TransForm that affected southwest Ontario hospitals, some patients still have to seek care elsewhere. Sandeep Kunchikor reports: Amherstburg, Ontario resident Jennifer Duguay recently experienced a shocking denial of medical care. After being referred for an urgent biopsy for a potential case of inflammatory breast cancer, Duguay was told…
A cyberattack on a U.K. accounting firm wound up leaking U.S. patient data. Now what?
DataBreaches would have passed over a listing on LockBit3.0’s site if Brett Callow hadn’t kindly called our attention to it. The listing by the threat actors was for HSKS Greenhalgh Chartered Accountants and Business Advisors, and LockBit claimed to have exfiltrated 168 GB of files with: Employees (NIN numbers, passport scans, ID scans, Employee forms…
UK: Former NHS secretary found guilty of illegally accessing medical records
A reminder of the insider threat: A former NHS employee has been found guilty and fined for illegally accessing the medical records of over 150 people. Loretta Alborghetti, from Redditch, worked as a medical secretary within the Ophthalmology department at Worcestershire Acute Hospitals NHS Trust when she illegally accessed the records. In June 2019, a…
Does claiming you were hacked when you had really just screwed up violate the FTC Act?
On November 12, DataBreaches published an OpEd, If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures. Today, we post another example of why we need to legislate and enforce data breach notification laws that prohibit deceptive statements and mandate more disclosure when data has been leaked. This week,…