ChildFund in New Zealand has issued a public notice about a data breach involving a telemarketing company, Pareto Phone Limited. ChildFund had contracted with Pareto in 2014 to conduct fundraising activity on its behalf. ChildFund does not say when it may have stopped working Pareto, but Pareto suffered a cyberattack in April of this year…
Category: Breach Incidents
Oak Valley Hospital District notifies more than 280,000 patients of data breach
On September 15, Oak Valley Hospital District in California notified the state and HHS of a data security incident that began on April 21 and was first discovered on July 18. According to its notification, a copy of which is also posted on its website, Oak Valley could not rule out the possibility of unauthorized…
Data breaches put domestic abuse victims’ lives at risk, UK Information Commissioner warns
From the U.K. Information Commissioner’s Office: Warning comes after the ICO reprimands seven organisations in the past 14 months for data breaches affecting victims of domestic abuse. Most cases related to organisations inappropriately disclosing the victim’s home address to alleged perpetrators. Commissioner urges organisations to take responsibility for training their staff and putting appropriate systems…
AlphV claims to have hit MNGI Digestive Health — developing
MNGI Digestive Health (MNGI) in Minnesota is a physician-owned multi-center gastroenterology practice that has been recognized for its excellence. MNGI was previously known as Minnesota Gastroenterology, P.A., and was created by partnership of three independent practices: Digestive Healthcare, Gastroenterology Consultants, and St. Paul Gastroenterology. Unfortunately, excellence in medical practice and care does not immunize a…
Ransomware group claimed to have hit a New Jersey cardiology group. Did they?
On September 2, the NoEscape ransomware group added Mulkay Cardiology Consultants to their leak site and claimed to have successfully encrypted them. “We have 60GB of confidential and personal data on more than 30,000 patients, scans, doctor’s conclusions about patients and many other confidential information,” they claimed in their listing about the New Jersey medical…
Pain Care Specialists may be feeling the pain of a ransomware attack
It appears that Pain Care Specialists in Oregon became the victim of an attack by AlphV. The threat actors added the medical entity to their leak site earlier today with some files with personal information on employees and patients. AlphV’s listing noted that the breach occurred on September 13, and, “As a result of our…