On February 15, yours truly created an entry in the worksheet I maintain for tabulating U.S. incidents involving health data or protected health information. The entry listed “Capital Medical Center” in Washington as the breached entity, the date of disclosure as February 15, 2021, and the type of incident as a claimed ransomware attack by Avaddon…
Category: Breach Incidents
CZ: Three weeks after ransomware attack, Olomouc continues to recover while still being threatened by threat actors
On April 9, DataBreaches.net noted a report that the municipality f Olomouc had suffered a cyber attack on April 7. There were almost no details other than the municipality estimated it might take two weeks to fully restore services. Since then, a few more details have emerged. We now know that it was the Avaddon…
Milan, the pharmaceutical company Mipharm SPA victim of a hacker attack
Marco A. De Felice reports: The group of cybercriminals Sodinokibi (REvil) has published some screenshots of the data stolen during the cyber attack on the servers of the Milanese pharmaceutical company. Read more on SuspectFile. Mipharm.it is just one of two pharmacological research firms noted on threat actors’ sites recently. Avaddon threat actors claim to…
Es: A cyber attack affected the city council of Xixona
The municipality of Jijona/Xixona in Spain has issued a notice about a cyberattack, but there are not many details. The notice on their web site, posted on April 23, says that the attack has seriously crippled city services (translated): The technicians are trying to reset the computer system and we hope we can fix it…
Will Beacon Health Solutions’ incident prompt OCR to start enforcing notification “without undue delay?”
The following is a DataBreaches.net commentary. Beacon Health Solutions issued a press release yesterday about a breach they experienced last year as a business associate. Their press release provides a useful example of why OCR needs to get serious about enforcing the requirement that entities notify patients within 60 days of “discovery.” “Discovery” does not…
Domino’s India Allegedly Hacked: 7 Years of Internal Docs, 10 Lakh Credit Cards on Sale for Rs 3.4 Crore
Shouvik Das reports: Domino’s India, the popular pizza delivery chain, reportedly faced a data breach that includes internal company documents of the past seven years, private data belonging to over 250 employees, customer details from over 18 crore food orders and over 10 lakh credit cards that may have been saved during checkout and payments. The…