Breach Incidents – Page 156

National Association of Community Health Centers to notify current and former employees of data breach

Posted on January 8, 2022 by Dissent

The National Association of Community Health Centers (NACHC) will start mailing letters on Monday to 935 current and former employees to inform them of a data breach last year. According to a copy of their notification letter that was submitted to the Maine Attorney General’s Office, on October 16, NACHC discovered that certain systems had…

Compton and Broomhead Dental Center alleged victim of cyberattack

Posted on January 7, 2022 by Dissent

It’s one thing to ignore ransom demands from threat actors, but how smart — or foolish — is it to be sarcastic or insulting to those who have exfiltrated files with your patients’ protected health information? DataBreaches.net was recently contacted by threat actors who were previously associated with other groups. They claimed to have attacked…

Out with the old, in with the new? Saltzer Health, Broward Health report data breaches impacting protected health information

Posted on January 2, 2022 by Dissent

Saltzer Health, Idaho As 2021 wound down, Saltzer Health in Idaho reported a breach it had discovered on June 1. According to their notification, an employee’s email account had been compromised. Investigation showed the access began on May 25. On December 29, Saltzer issued a notice that disclosed the incident and reported that the types…

UVA Health notified patients after Ciox Health data breach (updated)

Posted on January 1, 2022 by Dissent

Someone on Twitter asked me what the first breach of 2022 would be. The following public notice is not the first breach of 2022. It is a 2021 breach that just showed up after midnight in my news search this morning. And because it involves a third-party breach, we may see other covered entities affected,…

The Medical Review Institute of America notifies patients of ransomware incident (updated)

Posted on December 23, 2021 by Dissent

The Medical Review Institute of America (“MRIoA”) collects protected health information (PHI) as part of providing clinical peer review for covered entities that request it (if the patient consents to provide info for the review). MRIoA was hit with ransomware in November. And although they do not directly state that they paid ransom, it sounds…

Threat actors pose as pharmacists, get business associates to send them patient records

Posted on December 16, 2021 by Dissent

Harbor Health in Massachusetts has notified at least one patient whose data was compromised by an attack on ScansStat Technologies. According to a December 13 letter from Jesse A. Shipley, HHSI’s Director of Compliance & Risk Management, on November 12, ScansStat Technologies informed them that bad actors posing as pharmacies had managed to get ScansStat…