Over on PogoWasRight.org this morning, I linked to a post by Eric Goldman involving litigation over a medical privacy breach. One plaintiff claimed to have suffered significant harm in her life due to a hospital employee mailing her information to an unrelated third party who then posted it online. I mention that case because although…
Category: U.S.
Southampton County, Virginia reports ransomware incident (updated)
Add Southampton County in Virginia to any list you may be keeping of governments hit by ransomware. According to their notification: On September 6, 2022, a single server at Southampton was encrypted by a cyber criminal. Fortunately, Southampton fought off this cyber-attack with no interruption to essential County operations. However, after Southampton recovered from this…
No Need to Hack When It’s Leaking, Friday Global Edition
For today’s episode of “No Need to Hack When It’s Leaking,” DataBreaches brings you three leaks involving patient/medical information: one from the U.S., one from India, and one from Australia. Tridas Center Jeremiah Fowler and the Website Planet research team discovered an unsecured database containing more than 16,000 records with personally identifiable information about pediatric…
FL: South Walton Fire District notifies patients of breach
On May 30, South Walton Fire District learned of unauthorized access to their network. Investigation revealed that patients’ potentially affected information included: names, addresses, Social Security numbers, dates of birth, treatment dates, medical diagnostic and treatment information, and health insurance information for patients transported by or treated by SWFD. Local media reports those potentially at risk…
Update: Norman Public Schools’ employee and student leaked on dark web by ransomware gang
On Nov 4, DataBreaches noted that Norman Public Schools (NPS) in Oklahoma reported what they described as a “malicious ransomware attack.” Since then, the district has worked to restore all services. Because the district did not respond to the threat actors’ ransom demands, this week the Hive ransomware team publicly claimed responsibility for the attack…
Community Health Network notifies patients of meta pixel breach
Community Health Network in Indiana has become the latest healthcare entity to notify patients that their protected health information was transmitted via trackers on their website from Google and Meta. Their FAQ page attempts to explain it in basic English and does a good job, but there’s no getting around this: Any individual who visited…