On November 4, Maxim Healthcare Group, including Maxim Healthcare Services and Maxim Healthcare Staffing (collectively “Maxim Healthcare”) issued a press release about a breach — a press release they describe as issued “out of an abundance of caution.” That sounds like they had an option not to disclose. I would think that they were required…
Category: Breach Incidents
Two providers in Colorado and Alabama report breaches, and a benefits administrator in Georgia also reports a cyberattack
The Urology Center of Colorado (TUCC) On September 8, TUCC detected an attack that began September 7. Their investigation revealed that patients’ name and one or more of the following data elements may have been date of birth, Social Security number, address, phone number, email address, medical record number, diagnosis, treating physician, insurance provider, treatment…
Update on impact of the Washington Central Unified Union School District ransomware attack
On October 28, this site noted a report that Washington Central Unified Union School District in Vermont had been the victim of an as-yet-unconfirmed ransomware attack. The district has now issued a notification that makes clear that personal and health information of students and personnel may have been accessed or acquired. Their announcement also indicates…
Reward Offers for Information to Bring DarkSide Ransomware Variant Co-Conspirators to Justice
PRESS STATEMENT NED PRICE, DEPARTMENT SPOKESPERSON NOVEMBER 4, 2021 The U.S. Department of State announces a reward offer of up to $10,000,000 for information leading to the identification or location of any individual(s) who hold(s) a key leadership position in the DarkSide ransomware variant transnational organized crime group. In addition, the Department is also offering…
Jukin Media hacked and data dumped; company claims a password reset is required due to a “security upgrade”
On Wednesday, Jukin Media posted a notice on its site requiring users to reset their passwords. They said the reset was due to a “security upgrade.” By now, whenever I see announcements about what seems to be an unplanned or unscheduled reset, I suspect a breach, so I reached out to Jukin Media’s Twitter team…
JEV Plastic Surgery & Medical Aesthetics notifies patients of malware incident
JEV Plastic Surgery & Medical Aesthetics in Maryland has issued a press release about a malware incident. According to their notice, an unauthorized actor accessed their systems and may have viewed or acquired certain patient information between April 30, 2021 and June 14, 2021. The types of personal and/or medical information that may have been accessible by…