On March 10, 2025, Vision Upright MRI notified HHS of a breach affecting 23,031 patients, but there was nothing posted on their website to explain the breach. A press release issued by HHS today provides some explanation for the incident that involved the medical images of 21,778 patients. From their release: OCR initiated a compliance…
Category: U.S.
RIBridges firewall worked. But forensic report says hundreds of alarms went unnoticed by Deloitte.
Alexander Castro reports: A cybercriminal group breached the state’s public benefits portal last July, lingered inside the network’s backend for five months, and triggered hundreds of firewall alerts when it transferred gigabytes of Rhode Islanders’ data to its own servers in November. But RIBridges system vendor and manager Deloitte, a multinational firm valued at $67.2 billion last…
Cyberattacks on Long Island Schools Highlight Growing Threat
I’d called it an “ongoing threat,” but …. Maggie MacAlpine reports: In a concerning development, over 20 school districts across Long Island have fallen victim to cyberattacks, compromising the personal data of more than 10,000 students. According to state education records, 28 incidents were reported in 2024 alone, affecting districts such as Great Neck, Smithtown,…
Department of Justice says Berkeley Research Group data breach may have exposed information on diocesan sex abuse survivors
Daniel Payne reports: The U.S. Department of Justice says a recent data breach of a California consulting firm exposed data of Catholic clergy abuse survivors in nearly a dozen bankruptcy lawsuits. In a May 6 letter addressed to attorneys at law firm Proskauer Rose LLP, the Justice Department’s Nan Eitel, the associate general counsel for Chapter…
Data Breach at Fowler Elementary School District: The Interlock Ransomware Group’s Attack
It sounds like yet another K-12 school district has fallen prey to a cyberattack that it never successfully detected or thwarted quickly. SuspectFile reports: The Fowler Elementary School District, located in Phoenix, Arizona, has reportedly fallen victim to a cyberattack involving what may be a substantial volume of sensitive data. The incident was claimed by…
Behavioral Health Resources of Washington state updates its data breach disclosure
On January 17, Behavioral Health Resources (“BHR”) notified the U.S. Department of Health and Human Services (HHS) of a reportable breach, but not yet having determined the number affected, they used “501” as a placeholder. They also published a preliminary notice on their website. That notice indicated that on or about November 20, 2024, they…