PhySynergy has disclosed a vendor breach involving IberiaBank’s lockbox service provider, Technology Management Resources, that may have impacted some of its customers and/or patients. From their press release: HUNTSVILLE, Ala., March 4, 2022 /PRNewswire/ — PhySynergy, LLC (the “Company”) is notifying individuals of a service provider security incident that involved the personal information of some of its patients and/or…
Category: Breach Incidents
KS: Labette Health discloses October, 2021 data security incident
Labette Health in Kansas has started notifying employees and patients of a data security incident. According to a statement on their website, an investigation determined that unauthorized individual(s) potentially accessed and acquired information from portions of their network between October 15, 2021 and October 24, 2021. It appears that it took them four months from…
MO: Capital Region reaching out to patients about cyberattack
The News Tribune reports that the Capital Region Medical Center in Missouri has started notifying patients whose protected health information (PHI) was accessed during a ransomware incident in December, 2021 that left their phone systems and network down for several days. CRMC had disclosed the incident promptly but had not been able to immediately determine…
Class action lawsuit against UKG over Kronos Private Cloud ransomware incident
A class action lawsuit has been filed in a California federal court against workplace management software company UKG Inc. UKG makes timekeeping and payroll management software and offers Kronos Private Cloud services. As a result of a ransomware attack in December, employees of the firm’s clients were not paid at all, were paid late, or…
287,652 South Denver Cardiology Associates patients notified of breach
South Denver Cardiology Associates (SDCA) recently disclosed that it began the new year with a data security breach that they first detected on January 4. Initiating their incident response plan, their investigation determined that an unauthorized person accessed their network between January 2, 2022 and January 5, 2022. During that time, certain files stored on…
UK’s ICO hits criminal defense firm Tuckers Solicitors with monetary penalty after ransomware attack
There’s an interesting monetary penalty notice involving a UK law firm stemming from a ransomware attack in 2020 and the ICO’s investigation of their data protection and security. The Information Commissioner announced today that it has issued Tuckers Solicitors a monetary penalty under section 155 of the Data Protection Act 2018 (“the DPA”). The penalty…