Vivienne Gulla reports: The records of around 42 million individuals are possibly affected by the 2023 data breach on Philippine Health Insurance Corporation (PhilHealth), according to the National Privacy Commission (NPC). NPC’s Maria Theresita Patula issued the statement during Monday’s oversight hearing of the House Committee on Appropriations regarding the budget of PhilHealth and the…
Category: Breach Incidents
Operation Morpheus: Europol coordinates global action against criminal abuse of Cobalt Strike
Europol issued the following press release on July 3: Law enforcement has teamed up with the private sector to fight against the abuse of a legitimate security tool by criminals who were using it to infiltrate victims’ IT systems. Older, unlicensed versions of the Cobalt Strike red teaming tool were targeted during a week of…
Florida Community Health Centers to notify almost 300,000 of ransomware attack
As DataBreaches recently reported, in June 2023, SysInformation Healthcare Services d/b/a EqualizeRCM discovered a ransomware attack. One year later, we still don’t know how many clients and patients were affected. But SysInformation wasn’t the only entity that suffered a ransomware attack in June 2023 that hadn’t sent notifications by now. Florida Community Health Centers (FCHC)…
Insider Threat: Fake Therapist Fooled Hundreds Online Until She Died, State Records Say
In April 2023, Brightside Health, Inc. reported a breach to HHS that affected 767 patients. The incident was coded as “unauthorized access/disclosure” of information located in “EMR, other.” HHS’s closing statement on the public breach tool described the incident this way: The covered entity (CE), Brightside Health, reported that an unauthorized individual accessed the protected…
How many clients and patients were affected by a ransomware attack on EqualizeRCM? We have no idea.
On August 17, 2023, SysInformation Healthcare Services, LLC, d/b/a EqualizeRCM (“SysInformation”) notified HHS of a breach. The firm, a business associate that provides revenue and billing cycle management services, reported that 501 patients had been affected. That number is generally interpreted as a placeholder marker when the entity has not yet figured out the real…
Infosys McCamish Systems ransomware attack affected more than 6 million people
Infosys McCamish Systems (“IMS”) in Atlanta provides software and services to the life insurance industry. In October 2023, it was the victim of a ransomware attack that affected 6,078,263 people. As they explain in a notification to the Maine Attorney General’s Office, they were providing notification on their own behalf as a data owner and…