On March 19, this blog linked to a TechCrunch report about an improperly secured Meditab fax server that potentially allowed fax images with patient information to be accessed from an analytics portal. The exposure had been found by SpiderSilk, a cybersecurity firm in Dubai, who estimated that 6 million images were potentially accessible. The TechCrunch…
Category: Breach Incidents
Klaussner Furniture Notified More than 9,000 Employees and Their Dependents of a Data Security Incident Involving Health Plan Data
Another day, another press release…. ASHEBORO, N.C., April 05, 2019 (GLOBE NEWSWIRE) — Klaussner Furniture Industries, Inc. (“Klaussner”) recently became aware that a data security incident that affected its operations could also have affected the personal information of certain current and former employees, as well as some of their dependents. However, after a thorough investigation…
Accounting firm notifies clients affected by Citrix Shareful incident
In December, 2018, Citrix forced a password reset for some of its clients due to what appeared to be a credential stuffing attack against ShareFile. But did some customers first find out about it March? On April 16, external counsel for LD Evans, CPA provided notification that began; On March 4, 2019, LD Evans learned…
Five months after disclosing a patient PHI breach involving employee email accounts, Metrocare discloses a second, identical, breach?
On April 5, Metrocare Services in Texas notified HHS that it was notifying 5,290 clients of a breach. A notice on their web site explains: On February 6, 2019, we learned an unauthorized third party gained access into some Metrocare employees’ email accounts beginning on January 2019. We immediately took steps to secure the accounts…
OH: Health Recovery Services notifying more than 20,000 patients after discovering unauthorized access that began in 2018
Health Recovery Services in Athens, Ohio, recently notified 20,485 patients after discovering in that an unauthorized IP address had accessed their network. The unauthorized access appears to have begun in November, 2018, and continued until the intrusion was discovered on February 5, 2019. Although investigation could not find any evidence that ePHI had been accessed,…
Thousands of identities, personal information published in FBI-related hack
Alex Johnson reports: A nonprofit organization affiliated with the FBI confirmed that hackers breached the web servers of multiple chapters and published the names and addresses of hundreds of law enforcement personnel and thousands of other people online. The hacked materials, which were released late last week and obtained Sunday by NBC News, include names,…