On October 25, Lake Charles Memorial Health System (LCMH) in Louisiana received an email that began, “Ladies and gentlemen! Attention, please! This is Hive Ransomware Team.” The remainder of the email stated that Hive had been in LCMH’s network for 12 days and had exfiltrated 270 GB of files including patient and employee data. A…
Category: U.S.
Five Former Methodist Hospital Employees Charged with HIPAA Violations
Criminal prosecutions under HIPAA are still relatively rare. Here’s one reported by the U.S. Attorney’s Office in the Western District of Tennessee on November 10: Memphis, TN – A federal grand jury has indicted five former Methodist Hospital employees for conspiring with Roderick Harvey, 40, to unlawfully disclose patient information in violation of the Health Insurance…
MI: Ransomware attack responsible for shutdown affecting Jackson, Hillsdale schools
Martin Slagter reports: Jackson County Intermediate School District officials took network systems offline after technology staff determined suspicious activity to be the result of a “ransomware incident.” Public school districts in both counties canceled classes Monday, Nov. 14, with the system outage impacting a wide range of building operations including but not limited to heating,…
Surprise: Daniel Kaye, operator of The Real Deal, pleads guilty to one count, is sentenced to time served, and is released.
It seems like only weeks ago that the U.S. Attorney’s Office for the Northern District of Georgia was trumpeting the arraignment of Daniel Kaye, who had been indicted last year. Oh wait, it was only weeks ago. Kaye, also known as “Popopret,” “Bestbuy,” “TheRealDeal,” “Logger,” “David Cohen,” “Marc Chapon,” “UserL0ser,” “Spdrman,” “Dlinch Kravitz,” “Fora Ward,”…
New York-Presbyterian Hospital discloses breach affecting 12,000 patients
New York-Presbyterian Hospital posted a notice on their website on November 11. The incident has not yet shown up on HHS’s public breach tool, but undoubtedly will. Here is the description of the incident, as provided by the hospital: On September 8, 2022, NewYork-Presbyterian Hospital’s data security monitors received an alert of suspicious activity on…
CO: Salud Family Health breached in September, leaked in November
On October 5, Salud Family Health in Colorado notified HHS of a breach, but only provided a “marker” of 501 affected. On November 4, they provided notice that said the types of information that might have been accessed or taken included in a cyberattack included: patients’ name, Social Security number, driver’s license number or Colorado…