Jessica Dyer reports: A month after discovering a computer server breach that may have compromised personal information for about 23,000 people, the University of New Mexico Foundation has begun sending notification letters about the incident. The foundation on Monday mailed letters to the “potentially affected” donors, annuitants, foundation employees and vendors, according to a spokeswoman…
Category: Breach Incidents
Is FBI Telling Hollywood to “Pay the Ransom?”
Tatiana Siegel reports that there have been “at least a half-dozen extortion attempts against Hollywood firms over the past six months alone, say sources in the cybersecurity industry.” And things are so bad, it seems, that: The frequency of the attacks has overwhelmed the FBI’s Los Angeles field office, which has been unable to properly…
UPDATE: iHealth Innovations responds to Bronx-Lebanon Hospital data security concern
Yesterday, DataBreaches.net reported on a misconfigured rsync backup that had been detected by Kromtech Security. The security firm had contacted DataBreaches.net for notification assistance on May 3 after unsuccessfully trying to notify iHealth Innovations that patient data from Bronx-Lebanon Hospital Center could be accessed and downloaded without any login required. One week later, we still do…
Confidential medical records from Bronx-Lebanon Hospital exposed online by vendor’s error
Vendor’s error appears to have exposed personal and confidential medical data of patients seen at Bronx-Lebanon Hospital Center since 2014; Records also include addiction histories, psych histories, and histories of physical or sexual abuse; Hospital investigating to determine what happened and who may have accessed data. By now, you may be tired of reading reports on misconfigured MongoDB installations…
Hard drive with medical information on 2,200 LSU Health patients stolen
Chad Calder reports: A hard drive containing the personal information of 2,200 LSU Health New Orleans patients was stolen in March, and while police quickly made an arrest, the hard drive has not been recovered, the LSU Healthcare Network said Friday. The network said the theft occurred in the Department of Neurology Research on or…
TheDarkOverlord dumps 180,000 patients’ records from 3 hacks
While thousands of their followers on Twitter seem to be eagerly waiting for TheDarkOverlord (TDO) to dump more tv films or episodes of popular series, TDO went non-fiction this morning, dumping patient/medical records from some of their hacks in the healthcare sector last year. All told, almost 180,000 patients had their personal information shared with the world. Two of…