The Medical Review Institute of America (“MRIoA”) collects protected health information (PHI) as part of providing clinical peer review for covered entities that request it (if the patient consents to provide info for the review). MRIoA was hit with ransomware in November. And although they do not directly state that they paid ransom, it sounds…
Category: Breach Incidents
Threat actors pose as pharmacists, get business associates to send them patient records
Harbor Health in Massachusetts has notified at least one patient whose data was compromised by an attack on ScansStat Technologies. According to a December 13 letter from Jesse A. Shipley, HHSI’s Director of Compliance & Risk Management, on November 12, ScansStat Technologies informed them that bad actors posing as pharmacies had managed to get ScansStat…
Schumer, In Manhasset, Promises Cybersecurity Aid to School Districts
Jennifer McLogan reports: Cyberattacks against school systems are becoming more damaging and aggressive with threats of extortion, unless ransom is paid. It’s costing taxpayers big bucks to repair school technology. Now help is on the way from the federal government. Read more at CBS. See more at NY State Senator Anna Kaplan’s website, where Frank Rizzo…
Oregon anesthesiology group notifies 750,000 about ransomware incident; FBI seized threat actors’ account with their files
Like many other healthcare entities, Oregon Anesthesiology Group, P.C. (OAG) became the victim of a ransomware attack this year. But somewhat atypically, the FBI seems to have seized a threat actor’s account that had their patient data. According to OAG’s statement of December 6, the medical group experienced what they described as a cyberattack that…
Optometry services provider and specialty pharmacy services both report breaches
As many people left for the weekend or were thinking about holiday shopping, two more HIPAA-covered entities disclosed breaches involving protected health information (PHI): optometry services provider Simon Eye Management and specialty pharmacy services provider BioPlus Specialty Pharmacy Services, LLC. Neither disclosure, described below, reported any malware or ransomware component to their breaches. By the…
UK: Claims firms turn their fire on data breaches
Rupert Jones reports: Claims companies and law firms looking for the next bonanza in payouts are targeting people who have been the victim of a data breach, with some telling those affected they could be entitled to thousands of pounds in compensation. […] What is fuelling this growing market is the fact that the UK’s…