A ransomware attack on Professional Finance Company (PFC) has some of us who track breaches in the healthcare sector wondering how large this breach will be. The last time we saw a big breach involving a collection agency was in 2019. The American Medical Collection Agency filed for bankruptcy pretty quickly and the total number…
Category: Breach Incidents
VCU Health identifies and addresses a 16-year privacy breach
Soap operas are almost always long-running. Privacy breaches should not be, and 16 years is a very long time for a problem to go undetected. But it appears that’s what happened to the Virginia Commonwealth University Health System (“VCU Health”). Last month, VCU Health disclosed that they had recently learned that beginning as early as…
WI: Southwest Health Center notifies individuals whose protected health information was accessed
Southwest Health Center in Platteville, Wisconsin is a non-profit community health provider. Yesterday they issued a notice about a data security incident they first discovered on January 11 that reportedly impacted certain systems. An investigation determined that an unauthorized party accessed or acquired the personal and protected health information of some current and former employees,…
EXCLUSIVE: Marriott hacked again? Yes. Here’s what we know.
On June 28, DataBreaches received a message from an unrecognized sender. The subject was: “Breach of Marriott hotels! Very Important!” DataBreaches’ first thought was, “Seriously? Is this yet another breach involving Marriott or are some kids just trying to leak old data?” As it turned out, this was, in fact, a new breach. But how…
Update on Plainedge School District ransomware attack
On June 15, DataBreaches reported that BlackCat threat actors had added Plainedge School District in New York to their dedicated leak site. At the time, BlackCat (aka ALPHV) only offered a few files as proof but warned more data would be leaked if they did not hear from the district. The threat actors subsequently dumped…
ATC Healthcare, Community of Hope, The People Concern disclose breaches, Advocates notifies more people of its breach
Preface: In this post, DataBreaches summarizes four more notifications involving patient data or health data that were published this past week. Three of the incidents are new disclosures and one is an update. Note that the three newly disclosed incidents all involved compromise of employee email accounts. In at least two of the three incidents,…