John Beauge reports: The man accused of downloading protected information of more than 1.2 million Geisinger Health System patients in 2023 will defend himself at his criminal trial. U.S. Middle District Judge Matthew W. Brann granted the motion of Max Vance to proceed pro se but assigned assistant public defender Gerald A. Lord as standby…
Category: U.S.
Episource notifying 5.4 million patients of cyberattack in January
Episource, LLC, is a business associate that provides healthcare technology and solutions, specializing in medical coding, risk adjustment, and data analytics for health plans and providers. On February 6, anomalous activity in their system alerted Episource to a potential attack. In response, they shut down computer systems, initiated an investigation, called in a special team,…
HealthEC Agrees to $5.48 Million Settlement to End Data Breach Lawsuit
Daniel Lopez reports: HealthEC LCC and its clients finally reached a settlement to resolve a class action data breach lawsuit involving a hacking incident and data breach in 2023. Analytics software vendor HealthEC, based in New Jersey, provides healthcare companies with a platform to determine high-risk patients and limitations to optimal healthcare. From July 14, 2023…
School Districts Unaware BoardDocs Software Published Their Private Files
Mark Keierleber has an interesting and concerning update on the BoardDocs breach previously reported by DataBreaches on June 1: BoardDocs, a software tool used by thousands of school boards to track meeting minutes and store confidential information, has suffered a data breach affecting districts nationally, The 74 has learned. Records at the center of the…
Help, please: Seeking copies of the PowerSchool ransom email(s)
Help, please: If anyone has a copy of the ransom note sent to PowerSchool in December 2024 or to PowerSchool clients on or about May 7, 2025, please email me a copy or upload it to me on Signal. I want to see not only the body, but the full header and signature. To reach…
Texas DOT investigates breach of crash report records, sends notification letters
Randall Case reports: A compromise of an account has led to improper downloads of a large number of crash records, the Texas Department of Transportation announced Friday. On May 12, TxDOT identified unusual activity in its Crash Records Information System (CRIS) and further investigation revealed the activity originated from an account that was compromised and…