JEV Plastic Surgery & Medical Aesthetics in Maryland has issued a press release about a malware incident. According to their notice, an unauthorized actor accessed their systems and may have viewed or acquired certain patient information between April 30, 2021 and June 14, 2021. The types of personal and/or medical information that may have been accessible by…
Category: Breach Incidents
‘It made me sick’: Box of medical records ends up on Gastonia man’s doorstep
Jason Stoogenke reports from North Carolina: A Gastonia man found a box of medical records on his front porch that contained Social Security numbers, birthdays and other personal information of dozens of people. […] The label on the box indicated that it was from Concentra, a company that runs medical offices specifically for people hurt…
If you need to notify abuse survivors of a data breach, is it acceptable to take more than one year to notify them?
Urban Resource Institute in New York City provides shelter and services to victims of domestic abuse, homeless people, and individuals with developmental disabilities. On May 20, 2020, they were the victim of an attack on employees’ email accounts. Unusual network activity was first noticed on July 23, 2020, but it wasn’t until October, 2020 that…
Community Medical Centers notifying 656,047 patients of ransomware incident
Community Medical Centers, Inc. (“CMC”) is a non-profit community health center serving San Joaquin, Solano, and Yolo counties in Northern California. On October 10, 2021, they shut down many of their systems after detecting unusual activity on the network. In their notification to California’s Attorney General, they reported that they found evidence that indicated unauthorized…
Shoot-the-Messenger, Monday edition: ActMobile threatens researcher whose only sin was trying to let them know they are leaking data
On October 12, researcher Bob Diachenko tweeted: Since Fri I’ve been trying to get in touch with someone from ActMobile [@ActMobile] to responsibly alert that their VPN userbase (45M+) info (email, pwd, IPs, devices etc) is exposed to public but no luck. Incl. but not limited to @DashVPN, https://t.co/sdN3byHNcJ. Anyone? — Bob Diachenko (@MayhemDayOne) October…
WA: Sea Mar Community Health Centers discloses breach that began last year
Sea Mar Community Health Centers in Washington state is a community-based organization that describes itself as being committed to providing quality and comprehensive health, human, housing, educational and cultural services to diverse communities, specializing in service to Latinos in Washington state. On some exact date that is unknown to DataBreaches.net, threat actors gained access to…