Eventus WholeHealth, PLLC (“Eventus”) provides integrated primary care and mental health services to medically vulnerable adults. In a press release issued this week, they disclose a breach involving protected health information. “On June 1, 2022, we observed suspicious activity associated with a single Eventus email account, despite multifactor authentication on the account.” Comment: That statement…
Category: U.S.
United Health Centers of the San Joaquin Valley reaches agreement to settle data breach litigation
The Business Journal reports: A class action settlement has been reached in a lawsuit against United Health Centers of the San Joaquin Valley. The case, pending in Fresno County Superior Court, stems from an Aug. 28, 2021 data breach where United Health Centers (UHC) patient information including birth dates, Social Security numbers, diagnosis information codes, financial…
Doctor Admits Criminal HIPAA Scheme for Wrongful Disclosure of Protected Patient Health Information to Pharmaceutical Sales Representative
CAMDEN, N.J. – A former physician with medical practices in New Jersey, New York, and Florida admitted wrongfully disclosing patients’ protected personal health information, Attorney for the United States Vikas Khanna announced. Frank Alario, 65, of Delray Beach, Florida, pleaded guilty before Judge Robert B. Kugler to conspiring to wrongfully disclose patients’ individually identifiable health…
US Airports in Cyberattack Crosshairs for Pro-Russian Group Killnet
Jai Vijayan reports: Hot on the heels of attacks against US state government websites, pro-Russian threat group Killnet on Monday disrupted the websites of multiple US airports in a series of distributed denial-of-service (DDoS) attacks. It also called on similarly aligned groups and individuals to carry out DDoS attacks on other US infrastructure targets, in…
PG&E was publicly exposing partial SSN information of US consumers through its use of Experian Identity Verification questions.
Somehow I missed this one but it’s so significant that even though I am late with linking to it, I hope to make more people aware of it. @Lucky225 writes: I recently discovered PG&E will let you sign up for electricity online without providing your SSN. Their website offered an option for “Alternate Identification”, so…
State Bar of Georgia Notifies Members and Employees of Cybersecurity Incident
The State Bar of Georgia has notified members and employees of a cyberattack in April that resulted in access to the information of some current and former employees and members. The State Bar determined that the following personal information may have been accessed: name, address, date of birth, Social Security number, driver’s license number, direct deposit…