Breach Incidents – Page 46 – DataBreaches.Net

HHS Statement Regarding the Cyberattack on Change Healthcare

Posted on March 6, 2024August 2, 2025 by Dissent

March 5. The U.S. Department of Health and Human Services (HHS) is aware that Change Healthcare – a unit of UnitedHealth Group (UHG) – was impacted by a cybersecurity incident in late February. HHS recognizes the impact this attack has had on health care operations across the country. HHS’ first priority is to help coordinate…

Update: Robert A. Purbeck, aka “Lifelock, to plead guilty in Atlanta

Posted on March 5, 2024September 5, 2025 by Dissent

In 2018, a criminal hacker known as “Lifelock” reached out to DataBreaches to share details about two healthcare entities that had not met his ransom demands. These entities were a dental practice in Menlo Park, California, and the Holland Eye Surgery & Laser Center in Michigan. The latter case drew more attention from DataBreaches due…

Fraudster’s fake data breach claims should remind media to be careful what we report

Posted on March 5, 2024 by Dissent

Over the past few weeks, DataBreaches had occasionally checked a dark web leak site by an individual or group called “Mogilevich.” However, DataBreaches didn’t report on any of their claimed victims because the site and the claims seemed sketchy and there was no confirmation. DataBreaches will not name and shame those sites or outlets that…

Developing: AlphV allegedly scammed Change Healthcare and its own affiliate (1)

Posted on March 4, 2024August 2, 2025 by Dissent

Developing: Someone claiming to be an “affiliate plus” for AlphV claims they were responsible for the Change Healthcare attack but that AlphV stole the payment Change Healthcare had made and suspended the affiliate’s account. The affiliate’s claims appeared on Ramp Forum and have been circulating since then. The post can be seen below, via @vx-underground:…

Three recent breach disclosures remind us how seldom timely breach notification is enforced under HITECH

Posted on March 4, 2024 by Dissent

Three recent data breach disclosures involving patient data all exceeded HIPAA’s 60-day deadline to notify HHS and individuals. Yakima Valley Radiology A breach involving the Washington state radiology service was added to Karakurt’s leak site in November 2023 with a listing claiming — without proof — that they had acquired 9.31 GB of files with financial…

Pharmaceutical giant Cencora reports cyberattack

Posted on February 28, 2024 by Dissent

Joe Warminsky reports: Global pharmaceutical corporation Cencora reported on Tuesday that it recently discovered that intruders had stolen data from its networks. The Fortune 500 company said in a regulatory filing that data from IT systems “had been exfiltrated” in an incident that came to light on February 21. Read more at The Record. The filing simply…