For the past few years, this site has covered litigation against Athens Orthopedic Clinic in Georgia related to their hack by thedarkoverlord in 2016. The lawsuit against the clinic, filed by a patient, made it all the way to the Georgia Supreme Court on the issue of whether under Georgia state law, the plaintiff had…
Category: Breach Incidents
An old HIPAA incident rears its very ugly head again
Like other journalists who cover data breaches in the healthcare space, I routinely check HHS’s public breach disclosure tool (sometimes called “The Wall of Shame”) to see what breaches have been reported to them and with what numbers. One of the recent entries was from a “Stephan C. Dean” who listed himself as a business…
Town of Houlton Police discloses malware attack — again.
On March 17, the Town of Houlton, Maine disclosed that they had experienced a malware attack. According to their disclosure, on October 16, 2019, they discovered that part of their network had been locked up by a virus that prevented access to files. The department was able to quickly restore from backup, and claim that…
Weibo Confirms 538 Million User Records Leaked, Listed For Sale on Dark Web
Caiwai Chen reports: Rumors have spread after Wei Xingguo (Yun Shu), CTO of Chinese Internet security company Moresec and former chief of Alibaba’s Security Research Lab posted on Weibo that millions of Weibo users’ data had been leaked on March 19. Wei claimed that his own phone number was leaked through Weibo and had received…
Ransomware attackers pledge to back off attacking medical entities during pandemic
“We’re all in this together” took on new meaning yesterday when a ransomware gang published a statement saying that they were offering their victims (whom they refer to as “partners”) discounts. And in response to an inquiry by Lawrence Abrams of Bleeping Computer, Maze Team also committed to not attacking medical entities during this pandemic…
Health Quest still first notifying people of July, 2018 breach in January, 2020
Having to go through numerous email accounts to determine which consumers, employees, or patients, have information in them that will necessitate notification can be a time-consuming task. In June, 2019, this site reported on what appeared to be a very long gap between discovery of a breach and notification to those affected. As reported then,…