It’s been a while since DataBreaches has seen any announcements from Desorden, but the group contacted DataBreaches over the weekend to claim responsibility for a hack and data breach of Better Way Thailand Company Limited, a personal care products and cosmetics distributor. Mistine is one of 200 companies under Saha Group, Thailand’s leading consumer products publicly…
Category: Breach Incidents
In yet another long gap to notification, a covered entity notifies patients of a May 2021 cyberattack
On May 5, 2021, Benson Health in North Carolina (formerly known as Benson Area Medical Center) discovered that it was the target of a cyberattack. According to their notification dated July 7, 2022, they immediately launched an investigation, engaged a law firm specializing in cybersecurity and data privacy, and engaged third-party forensic specialists to assist….
BJC HealthCare settles class action litigation
In May 2020, DataBreaches noted that BJC Healthcare in Missouri was alerting patients to a data breach. The breach had first been discovered on March 6, shortly after three employee email accounts were compromised. At the time of notification, BJC Healthcare reported that investigators were unable to determine if any emails or attachments had actually…
This post provides substitute breach notification to one patient Oregon Health & Science University could not otherwise directly notify
Federal regulations requjire substitute notice when notification by postal mail or other direct means cannot be made, but I cannot recall ever seeing a substitute notice that announced it was only being made for one particular patient. The following was published by the Oregon Health & Science University: On May 16, 2022, a computer belonging…
Baton Rouge General Medical Center ransomware attack has caused patients to be diverted to other hospitals, lost records, and lab services down — source
By July 1, word was circulating that the Baton Rouge General Medical Center in Louisiana had been hit by ransomware. A copy of the ransom note shared with DataBreaches pointed clearly to the Hive group, but when asked about it, Hive’s spokesperson claimed that DataBreaches had “incorrect info.” Since then, the medical center has not…
A new group on the ransomware scene? BianLian claims to have hacked Mooresville Schools
Seen on Twitter: A new #ransomware group named #BianLian claims to have hacked #Mooresville Schools (@MrsvlPioneers), a public school district in Indiana, ??. The group claims to have stolen ~4,200 student records containing phone numbers, email addresses, and social security numbers… pic.twitter.com/QWECxn62L9 — BetterCyber (@_bettercyber_) July 11, 2022 BianLian seems to be using a strategy…