And once again, people rush to file potential class action lawsuits following a breach. It has been less than one month since Tandem Diabetes Care notified patients of a phishing incident that may have compromised personal and protected health information. But now one of those notified has filed a complaint in federal court, alleging, among…
Category: Breach Incidents
Personal Touch and Crossroads Technologies sued after Maze Team attack
As reported by TopClassActions: A former patient says that home health provider Personal Touch failed to protect patients and customers from a ransomware attack on their computerized records. The hospital ransomware class action lawsuit was filed by plaintiff Lugenia Booker, who says that her personal information was included in the computer records of Personal Touch Holding…
Less than two weeks after an Indiana hospital reported a phishing-related HIPAA breach, they had a second one
I was working today on adding details to spreadsheets that I use in calculating the gap between breach and discovery, and between discovery and notification. One of the incidents I was looking into today involved a report from Lafayette Regional Rehabilitation Hospital in Indiana. On November 25, they learned that in July, 2019 someone had…
London firm on standby to test therapeutics for COVID19 notifies volunteers about March attack by Maze Team
Hammersmith Medicines Research (HMR) in London takes pride in their record as specialists in pharmacology phase 1 and early phase 2 clinical trials — the kinds of trials that are needed before new medications can be approved for use by the public — and the kinds of trials that will be needed if new therapeutics…
ReportaClaim may need to report a leak
Pennsylvania-headquartered ReportaClaim.net describes itself as gateway for stand alone companies, professional employer organizations (PEOs), staffing companies, and their clients to submit worker injury reports. In order to do that, they necessarily collect a lot of personal and medically-related information such as the employee’s full name, the employer, the employee’s job position, the date of injury,…
Stockdale Radiology’s notification may confuse readers
On January 18, the ransomware group known as Maze Team, notified me via email that one of their “partners” (victims) was Stockdale Radiology. They provided me with sample data to prove it. I reported on it without naming the medical center on January 21. On January 28, I named Stockdale Radiology in a post after…