DT staff reports: More than 200 current and former students of Pellissippi State Community College could be in danger of identity theft because an unauthorized user had access to their personal information, the school revealed Monday. Pellissippi State said it had notified 222 people whose information might have be been compromised through an email account…
Category: Breach Incidents
CT: Dr. DeLuca & Dr. Marciano Eye Associates notify almost 24,000 patients after ransomware attack
Another ransomware attack that could have been even worse, but the doctor’s office had backups and was able to restore from backup without paying the ransom demand — and their cyberinsurance policy helped pay for them notifying patients. The incident was reported to HHS by Dr. DeLuca & Dr. Marciano Eye Associates as affecting 23,578 patients. The…
FABEN Obstetrics and Gynecology notifies more than 6,000 patients after ransomware attack
On November 21, the FABEN OB/GYN practice in Florida got infected with GandCrab ransomware. They do not disclose how that happened, but the problem was detected quickly. To mitigate any damage or risk, FABEN decided to delete the infected files and restore files from backups. But they didn’t have backups of all files. Any files…
DHS: Emergency Directive 19-01
From the Department of Homeland Security: January 22, 2019 Mitigate DNS Infrastructure Tampering This page contains a web-friendly version of the Cybersecurity and Infrastructure Security Agency’s Emergency Directive 19-01, “Mitigate DNS Infrastructure Tampering”. Section 3553(h) of title 44, U.S. Code, authorizes the Secretary of Homeland Security, in response to a known or reasonably suspected information…
Valley Hope Association notifies patients after employee email hack
Note: VHA’s notice on their web site emphasizes that no diagnostic or treatment information was exposed. Given the nature of this provider, that will be a relief to many patients. Because this incident is not yet posted on HHS’s public breach tool, we do not yet have the number being notified. The following is VHA’s…
Ouch: Patient records found years later in his home by a former spouse of a former Hanger Clinic employee
Hanger Clinic in Florida posted the following undated notice on their site. DataBreaches.net had emailed them to ask when the notice was issued and how many patients were notified, but has received no reply as yet. Nor is this incident on HHS’s breach tool as of the time of this posting: This Notice applies only…