As I commented this week: protected health information or medical information can be found in so many breaches involving entities that may not sound “medical” to you. Today, this site is posting two such notifications. Here’s the second one. LAS VEGAS, Sept. 24, 2021 /PRNewswire/ — Golden Entertainment, Inc. (“Golden”) is notifying individuals of an incident that…
Category: Breach Incidents
Council on Aging of Southwestern Ohio notifies clients after employee email account compromsed
As I commented this week: protected health information or medical information can be found in so many breaches involving entities that may not sound “medical” to you. Today, this site is posting two such notifications. Here’s the first. BLUE ASH, OHIO, September 24, 2021 – On July 27, 2021, Council on Aging of Southwestern Ohio (COA) experienced…
United Health Centers of San Joaquin Valley remains publicly silent after ransomware attack
Threat actors known as Vice Society have disclosed another attack on the healthcare sector. This time, the victim is United Health Centers of the San Joaquin Valley in California. Lawrence Abrams of BleepingComputer reports: On August 31st, BleepingComputer was told by a source in the cybersecurity industry that United Health Centers was reeling from a…
Reports of ePHI breaches are everywhere, but not always were you might look
There are a number of journalists or sites that monitor news and legal notices for disclosures of breaches involving protected health information (PHI). And it’s tempting, when you see that the entity is a business, to just skip on by. But don’t. If a business has a health plan for employees, then they may be…
IN: Carmel Clay Schools notifying 15,817 after compromise of employee email accounts
On February 24, 2021, Carmel Clay Schools in Indiana discovered suspicious activity involving employee email accounts. Their investigation revealed that there had been unauthorized access between February 15 – February 24. It took the district, working with third-party forensic specialists, until August 31 to determine everyone who may have had personal information in the compromised…
VA: Greensville County Public Schools hit by Grief threat actors
Grief threat actors have added another k-12 district to their list of victims who have refused to pay their ransom demands. Greensville County Public Schools in Emporia, Virginia was added to Grief’s dark web leak site on September 21. But by September 15, the district had already disclosed that they were dealing with a cyberware…