The following press release is not the first press release we have seen from NHS Management, LLC, a business associate in Alabama. Coverage of a previous press release in January can be found on this site, here. Comparing the new press release, below, to the previous one, it appears that ongoing investigation revealed that the…
Category: U.S.
MO: Capital Region reaching out to patients about cyberattack
The News Tribune reports that the Capital Region Medical Center in Missouri has started notifying patients whose protected health information (PHI) was accessed during a ransomware incident in December, 2021 that left their phone systems and network down for several days. CRMC had disclosed the incident promptly but had not been able to immediately determine…
Altoona Area School District data shows up on dark web months after cyberattack
Nicole Fuschino reports: A.A.S.D. Superintendent Dr. Charles Prijatelj said this morning that back in early December of last year the school had an attack on their “routing server” after which they started working with a high-end security software on all of the district servers. However, this week district administration was contacted by employees saying they…
After delaying notification so as not to interfere with criminal investigation, GreenSlate makes notification of data breach
GreenSlate is notifying employees of some of its clients about a breach involving a rogue Canadian employee. According to their notification template submitted to the California Attorney General’s Office, on December 22, 2021, the firm’s security team detected that between December 10 and December 15, 2021, an employee in Canada had downloaded scanned paperwork and…
Protenus releases the 2022 Breach Barometer report on health data breaches: More than 50 million affected
Protenus, a healthcare compliance analytics company, has released its annual Breach Barometer report. Protenus has been making its annual report on health data incidents freely available since 2016 as the result of an ongoing collaboration between the firm and DataBreaches.net. DataBreaches.net compiles incidents and provides some of their statistical analyses and is compensated for its…
Unable to determine what files were accessed, Norwood Clinic notifies all 228,103 patients
Norwood Clinic in Birmingham, Alabama is notifying 228,103 patients of a hacking incident that left them unable to determine what, if anything, had been accessed. In a notification to the Maine Attorney General’s Office, the clinic’s external counsel reported that the breach began on September 20 and was discovered on October 22. The types of…