The California Department of Corrections and Rehabilitation (CDCR) issued a breach notification this week. Because the notification mentions COVID-19 testing, at first, DataBreaches thought it was the incident CDCR had disclosed last month, but no, it turns out that that was a different incident. The newly revealed breach affects staff, visitors, and others tested for…
Category: Breach Incidents
Always at risk of DDoS, LockBit finds itself under greater attack after announcing Entrust attack
First LockBit claimed that they had successfully attacked security firm Entrust and would be leaking their files if their demands (financial) were not met. Bleeping Computer broke the story in June and then updated it. Then some person or persons decided to make it harder for LockBit to leak the data on their leak site….
How many breaches has Overlake Medical Center & Clinics experienced in the past few years?
In February 2020, Overlake Medical Center and Clinics in Washington State reported a phishing incident in December 2019. More than 109,200 patients were reportedly affected. HHS investigated the incident and wrote a closing note in the file: Overlake Medical Center and Clinics, the covered entity (CE), reported that multiple employees were the victims of an…
From the “What Could Possibly Go Wrong Department” after it went wrong, Monday edition
In June, many of us first became aware that Facebook was receiving sensitive medical information from hospital websites. Of 33 hospital websites that The Markup tested, 10 of them had trackers (“Meta Pixels”) which sent information to Facebook when a patients clicked a button on the hospital’s site to schedule an a medical appointment. This…
WA: Columbia River Mental Health Services issues preliminary media notice of a breach
On August 8, Columbia River Mental Health Services (“CRMHS”) in Washington State notified HHS about a data security breach involving some employee email accounts. A press release about the incident claims that CRMHS recently became aware of suspicious activity related to email accounts. They do not state exactly what they mean by “recently.” An investigation…
CO: Fremont County cyberattack update
Aidan Hulting reported the following on August 19: Fremont County officials say the county is still suffering from a cyberattack that took down county government systems on Wednesday, August 17th. The attack caused Fremont County Government buildings and county government systems to remain closed through Friday. Read more at KOAA. The official county website still…