In a notice issued yesterday, Florida Medical Clinic (“FMC”) confirmed that unauthorized individuals gained access to its computer network and used ransomware to encrypt files. FMC detected suspicious activity on January 9, 2023, and the incident was fully contained within hours. FMC states they were able to “proactively isolate the exposure.” DataBreaches has sent them…
Category: Breach Incidents
Bone & Joint Clinic reports “network disruption” caused HIPAA breach of employee and patient information
Update of March 16: This was reported to HHS as affecting 105,094 patients. Bone & Joint has not replied to DataBreaches’ inquiry as to whether this was a ransomware incident or not. The Bone & Joint Clinic in Wisconsin has notified current and former employees as well as current and former patients of a data…
Bits ‘n Pieces (Trozos y Piezas)
CL: BlackCat confirms attack on Fonasa DataBreaches recently reported a malware attack on Chile’s National Health Fund (FONASA). There is an update to report: In a chat on Tox, BlackCat confirmed to DataBreaches that they are responsible for the attack and they say that they will announce it soon on their leaks page. A spokesperson…
PDPC penalizes Eatigo over data protection failures leading to 2020 breach
On October 31, 2020, Eatigo reported a data breach of customer data and that the data had been put up for sale on a popular forum. The Personal Data Protection Commission investigated and found that: the personal data for sale on the online forum did not match any current databases in use by the Organisation…
AT&T Notifying some wireless customers of vendor incident
AT&T has been notifying some wireless customers of an incident involving an unnamed vendor. In a notice sent to a customer who shared it with DataBreaches, AT&T wrote: AT&T’s commitment to customer privacy and data security is a top priority. We recently determined that an unauthorized person breached a vendor’s system and gained access to…
Northeast Surgical Group notifies 15,298 patients of a HIPAA breach, but doesn’t tell them their information has been dumped.
In January, the BianLian ransomware group added an unnamed medical group to their leak site. In February, they also posted a teaser on their BreachForums account. Although neither listing named the victim, DataBreaches was able to figure out that it was the Northeast Surgical Group (“NESG”) in Michigan. DataBreaches reached out to them multiple times,…