Over the past few months, I have regularly checked Maze Team’s website to see if any of the entities they are listing are in the healthcare space. As I reported in the past, Maze Team did hit a number of healthcare-related entities, not all of which have been named on their website. But there were…
Category: Breach Incidents
Urgent care walk-in centers in Texas and Florida suffer cyberattacks
Attacks on the healthcare sector continue, but as this blogger observed in reporting on hacks by thedarkoverlord, it’s often the attackers who first reveal the breaches while the victims may not even reply to inquiries. AffordaCare Urgent Care Clinic is a walk-in urgent care clinic network in Texas that advertises that they can provide care…
Sunshine Behavioral Health Group Faces Class Action Under CCPA After Data Breach Affecting 3,500 Patients
Linn F. Freedman of Robinson & Cole LLP writes that Sunshine Behavioral Health Group is facing a potential class action lawsuit. The case is Fuentes v. Sunshine Behavioral Health Group LLC and it was filed this week in the Central District of California. The case is drawing some attention because it it one of the…
Card data from breached Volusion platform shows up on dark web
Payment card data stolen from an e-commerce platform last year has already netted criminals $1.6 million in card data sales on the dark web. And according to a new report out today, that’s just from the initial card data offering. Stas Alforov and Christopher Thomas of Gemini Advisory report that a Magecart attack on Volusion…
NY: Ransomware attack on Jordan Health causes computer shutdown
WROC reports: A ransomware attack at Jordan Health caused the center to take precautions and shut down computers at the facility. […] So far, forensics show patient data was not accessed. That information is stored on a separate and encrypted server that was not targeted in the attack. Read more on RochesterFirst.
Rady’s Children’s Hospital notifies patients whose data were accessed via an open port
Rady’s Children Hospital in San Diego has been notifying patients whose information was accessed without authorization via an open port on the Internet. According to their notification, reproduced below, the unauthorized access first occurred on June 20, 2019, and was discovered on January 3, 2020. They do not explain how they first became aware of…