Another lawsuit has been filed in the wake of a ransomware attack on a New York ambulance service. Now we hear that the victim paid ransom. Will it make a difference? Firehouse reports: A lawsuit has been filed against Empress Ambulance in New York after hackers accessed patient information. According to the class action lawsuit…
Category: Breach Incidents
CommonSpirit Health Provides Cyberattack Update and Notification of Data Breach Involving Virginia Mason Franciscan Health in Washington state
There was an update on December 1 to the CommonSpirit ransomware attack that DataBreaches has reported on multiple times already. Press release: On October 2, 2022, CommonSpirit detected activity on its IT network that was later determined to be ransomware. CommonSpirit immediately took steps to secure the network, which included proactively taking certain systems offline, and…
Brazilian debt collection firm pays Hive $500k ransom while SuspectFile spectates it all
Marco A. De Felice (aka @amvinfe) had a bird’s eye view of negotiations between a Brazilian credit recovery and financial solutions firm and the Hive ransomware team. He also got to track the victim’s payment over wallets. Reading his partial transcript from the negotiations, the victim quickly went from an offer of $50k — an…
Connexin Software notifies parents of 2.2 million pediatric patients of hack
Connexin Software, a business associate to numerous pediatric practices, recently notified HHS that it experienced a breach that affected 2,216,365 patients. One thing DataBreaches noted with interest in their substitute notice below is their statement that an unauthorized individual was able to access an offline set of patient data used for data conversion and troubleshooting. …
Reminder that small-n medical privacy breaches can cause harm
Over on PogoWasRight.org this morning, I linked to a post by Eric Goldman involving litigation over a medical privacy breach. One plaintiff claimed to have suffered significant harm in her life due to a hospital employee mailing her information to an unrelated third party who then posted it online. I mention that case because although…
No Need to Hack When It’s Leaking, Friday Global Edition
For today’s episode of “No Need to Hack When It’s Leaking,” DataBreaches brings you three leaks involving patient/medical information: one from the U.S., one from India, and one from Australia. Tridas Center Jeremiah Fowler and the Website Planet research team discovered an unsecured database containing more than 16,000 records with personally identifiable information about pediatric…