On May 30, South Walton Fire District learned of unauthorized access to their network. Investigation revealed that patients’ potentially affected information included: names, addresses, Social Security numbers, dates of birth, treatment dates, medical diagnostic and treatment information, and health insurance information for patients transported by or treated by SWFD. Local media reports those potentially at risk…
Category: Breach Incidents
Update: Norman Public Schools’ employee and student leaked on dark web by ransomware gang
On Nov 4, DataBreaches noted that Norman Public Schools (NPS) in Oklahoma reported what they described as a “malicious ransomware attack.” Since then, the district has worked to restore all services. Because the district did not respond to the threat actors’ ransom demands, this week the Hive ransomware team publicly claimed responsibility for the attack…
Community Health Network notifies patients of meta pixel breach
Community Health Network in Indiana has become the latest healthcare entity to notify patients that their protected health information was transmitted via trackers on their website from Google and Meta. Their FAQ page attempts to explain it in basic English and does a good job, but there’s no getting around this: Any individual who visited…
DOCS Medical Group discloses September ransomware incident
DOCS Medical Group is an urgent care and primary care provider in Connecticut with multiple locations. They also provide telemedicine services. On September 7, DOCS detected abnormal activity that was quickly identified as a ransomware attack. According to their notification letter to patients dated November 7, an unspecified number of patients had their information on…
Michigan prosthetics and orthotics provider discloses ransomware attack back in January (Updated)
Wright & Filippis, a well-known orthotics and prosthetics provider in Michigan, issued a press release yesterday about a cyberattack between January 26 and January 28, 2022. While the press release is not specific about the nature of the attack, a companion FAQ indicates that the attack resulted in the deployment of ransomware. Wright & Filippis…
AirAsia victim of ransomware attack, passenger and employee data acquired
AirAsia Group* pledges to be responsible when gathering personal information and to protect privacy “in every possible way.” That’s not a contract, mind you, but just an expression of their commitment. On November 11 and 12, AirAsia Group fell victim to a ransomware attack by Daixin Team. The threat actors, who were the topic of…