20/20 Eye Care Network, Inc. is a managed vision care company in Florida that offers administrative services to health plans. 20/20 Hearing Care Network expands those services into hearing care. On May 28, 20/20’s Chief Compliance Officer notified the Maine Attorney General’s Office of an incident in which their Amazon AWS S3 buckets were accessed…
Category: U.S.
MA: Sturdy Hospital pays ransom after patient information is stolen
Updated June 1: External counsel for the hospital notified the Maine Attorney General’s Office that this incident resulted in notifications to 42,336 people and that those affected were offered two years of Experian credit and identity monitoring services. Updated June 3: It seems that on May 28, they notified HHS that they notified 57,379, so…
UMD-Baltimore updates Accellion breach notification after finding PII and PHI involved
On April 1, DataBreaches.net reported that the University of Maryland, Baltimore was one of the educational entities impacted by the CLOP hack and exfiltration of Accellion client data, but that neither UMD nor Accellion even knew that until the last week in March. This week, the university issued an updated press release that reveals that…
Hoboken Radiology reveals breach of imaging server that began in 2019
Hoboken Radiology LLC in New Jersey issued a press release yesterday about an incident that began in June, 2019. The full text of the release is below the separator. DataBreaches.net has sent an inquiry to the practice asking them who informed them in November — was it law enforcement, a vendor, a researcher, or their…
Caravus impacted by Netgain Technology breach because vendor failure to destroy legacy data
I’ve continued to add updates to a post about the Netgain Technology breach. Keep in mind that the ransomware incident occurred in November, 2020, and since January, we have seen entities disclosing the incident. But one disclosure today is somewhat frustrating to read — and not just for the delay in notification, but for the…
FL: Safeguard lapse allowed student to access and disrupt Pinellas County school computer system, police say
Walt Buteau reports: A computer system safeguard that the Pinellas County School District was paying for unknowingly lapsed this year, allowing a 17-year-old student to access and disrupt the district’s system, according to school officials. According to a St. Petersburg police arrest affidavit, the high school student allegedly broke into the district computer network March…