Update: This incident was subsequently reported to the Maine Attorney General’s Office on February 15 as impacting a total of 94,449 people. Original post: In January, DataBreaches.net noted a report to the Massachusetts Attorney General’s Office that involved Comprehensive Health Services (CHS), a business associate providing occupational health services to clients’ employees. The breach was…
Category: Breach Incidents
FL: Ransomware group claims to have stolen data on 260,000 patients from Jax Spine and Pain Centers; victim remains silent (UPDATED)
Update of February 24, 2022: Jacksonville Spine Center, P.A. (JAX Spine and Pain Centers) reported a hacking incident to HHS on February 10 — the same date that this site first reported on claims by Avos Locker to have acquired data on 260,000 patients. JAX never responded to this site’s inquiries, but seems to have…
CareSouth Carolina hit with proposed class action lawsuit
ClassActions.org reports that CareSouth Carolina has been hit with a potential class action lawsuit. The caption is Mixon v. CareSouth Carolina, Inc. § 4:22-CV-00269 You can access a copy of the complaint at https://www.classaction.org/media/mixon-v-caresouth-carolina-inc.pdf The lawsuit stems from what the complaint describes as an attack against CareSouth in 2020 that was first reported to affected individuals…
Your morning reminder that health data breaches are … everywhere (updated)
Every day, I compile data on breaches or leaks involving medical or health data. Many of them never appear on this blog at all. Others will appear on this blog many months before the entity ever discloses the breach to regulators or those impacted. Many of the incidents I compile will not attract a lot…
Securitas misconfiguration exposed airport employee info
From SafetyDetectives: The SafetyDetectives cybersecurity team discovered a critical data leak affecting the prominent multinational security company, Securitas…. One of the company’s Amazon S3 buckets was left open, exposing over 1 million files. The data we observed related to airport employees from different sites across Colombia and Peru, and there could be entities from other nations with…
Hit by Conti ransomware in October, Medical Healthcare Solutions now notifying clients’ patients (Update 1)
On January 21, Medical Healthcare Solutions issued a statement on its website about a ransomware attack, although they do not state that it was a ransomware attack. Nor do they identify the incident as an attack by Conti, but it was. Medical Healthcare Solutions, Inc. (MHS), recently experienced a cyber-incident that impacted some protected health…