Sarah Sinclair reports: A UK medical cannabis clinic is carrying out investigations after a substantial amount of patients’ information was leaked in a major data breach. In an email sent to patients on Monday 18 August, CB1 Medical confirmed it had identified a ‘data security incident’ when patients’ personal details, including prescription information, were found…
Category: Health Data
Two agencies in one state investigated and fined Healthplex. Was that one too many?
DataBreaches is generally a great fan of state attorneys general taking enforcement action stemming from data breaches where the security was really subpar or the entity did not notify those affected in a reasonable amount of time. But two enforcement actions in New York have me wondering if the state has been a bit unfair…
When a deal is not a done deal: Nova demands higher payment from Clinical Diagnostics (1)
Last week, it appeared that Clinical Diagnostics (“Eurofins”) had paid a gang’s demands not to leak patient data that Nova had exfiltrated during a ransomware attack in July. Clinical Diagnostics in the Netheralands held patient data on 485,000 Dutch women in a cervical cancer screening program. Nova confirmed the payment to a Dutch news outlet….
HHS OCR Settles HIPAA Ransomware Security Rule Investigation with BST & Co. CPAs, LLP
In February 2020, DataBreaches reported that patients of Community Care Physicians in New York may have had their protected health information, date of birth, and insurance coverage exposed as a result of a ransomware attack by Maze Team at the Albany-based accounting firm BST & Co. CPAs. The incident was reported at the time to…
Microsoft’s Nuance coughs up $8.5M to rid itself of MOVEit breach suit
Carly Page reports: Microsoft-owned talk-to-text outfit Nuance has agreed to cough up $8.5 million to settle a class action lawsuit over the sprawling MOVEit Transfer mega-breach – although it admits no liability. The proposed deal [PDF], filed in a Massachusetts federal court last week, would draw a line under litigation brought by individuals who claimed that the company failed…
NYDFS Secures $2 Million Cybersecurity Settlement with Healthplex, Inc.
There is an update to a phishing incident in 2021 that impacted more than 89,000 people with Healthplex dental insurance. DataBreaches notes that the NYDFS settlement announced below is not the first settlement stemming from this incident. In December 2023, the NY Attorney General’s Office announced a $400,000 settlement with Healthplex. Both the 2023 and…