Like other journalists who cover data breaches in the healthcare space, I routinely check HHS’s public breach disclosure tool (sometimes called “The Wall of Shame”) to see what breaches have been reported to them and with what numbers. One of the recent entries was from a “Stephan C. Dean” who listed himself as a business…
Category: Breach Incidents
Town of Houlton Police discloses malware attack — again.
On March 17, the Town of Houlton, Maine disclosed that they had experienced a malware attack. According to their disclosure, on October 16, 2019, they discovered that part of their network had been locked up by a virus that prevented access to files. The department was able to quickly restore from backup, and claim that…
Weibo Confirms 538 Million User Records Leaked, Listed For Sale on Dark Web
Caiwai Chen reports: Rumors have spread after Wei Xingguo (Yun Shu), CTO of Chinese Internet security company Moresec and former chief of Alibaba’s Security Research Lab posted on Weibo that millions of Weibo users’ data had been leaked on March 19. Wei claimed that his own phone number was leaked through Weibo and had received…
Ransomware attackers pledge to back off attacking medical entities during pandemic
“We’re all in this together” took on new meaning yesterday when a ransomware gang published a statement saying that they were offering their victims (whom they refer to as “partners”) discounts. And in response to an inquiry by Lawrence Abrams of Bleeping Computer, Maze Team also committed to not attacking medical entities during this pandemic…
Health Quest still first notifying people of July, 2018 breach in January, 2020
Having to go through numerous email accounts to determine which consumers, employees, or patients, have information in them that will necessitate notification can be a time-consuming task. In June, 2019, this site reported on what appeared to be a very long gap between discovery of a breach and notification to those affected. As reported then,…
Why ransomware continues to knock on healthcare’s door, enter, and create havoc
“Adam” writes: My name is Adam, and I’ve worked in the healthcare industry for over 15 years. In my current line of work, I assist healthcare facilities across the U.S. with their overall cybersecurity posture, ranging from physical and technical security controls to security incident response in conjunction with disaster recovery and business continuity planning. My…