In February, HHS added an incident to their public breach tool involving Pennsylvania Adult & Teen Challenge, an addiction treatment center. In July, 2020, PPATC had discovered that an unauthorized individual had accessed some employee email accounts. A forensic investigation could not determine what information in those accounts had been accessed, and they wound up…
Category: U.S.
Update on Cuyahoga Metropolitan Housing Authority ransomware incident
As reported previously, on February 10, Cuyahoga Metropolitan Housing Authority became a victim of the DoppelPaymer ransomware operators. SuspectFile had noted that the threat actors were already dumping data less than two weeks later. Counsel to CMHA recently notified the Maine Attorney General’s office that a total of 189,008 people were impacted by the attack….
ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users
Brian Krebs reports: Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that’s popular in North America. The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses. KrebsOnSecurity first heard about the breach from Gemini Advisory, a New York City based…
Florissant dialysis center faces class-action lawsuit after I-Team investigates
PJ Randhawa reports: A popular Florissant dialysis clinic is the subject of a class-action lawsuit after an I-Team report uncovered the facility “lost” the medical records of up to 60 patients. In July, the I-Team found dozens of private medical records for DaVita Dialysis patients dumped behind an abandoned building in north St. Louis. We…
CareFirst BlueCross BlueShield Community Health Plan District of Columbia discloses breach
Maggie Miller and Laura Kelly report: CareFirst BlueCross BlueShield’s Community Health Plan District of Columbia (CHPDC) suffered a data breach carried out by what it described as a “foreign cybercriminal” group in January that potentially impacted sensitive data, the company told customers this week. The insurance provider notified customers in writing through a letter obtained…
Follow-up: Adventist Health Physician’s Network fined $40,000 for 2018 breach incident
Jeremy Childs reports: Adventist Health Physician’s Network, a hospital in Simi Valley, was fined $40,000 as part of a civil privacy settlement this week, according to the Ventura County District Attorney’s Office. The settlement stems from an incident in October 2018 when private medical files were found inside a storage unit in Simi Valley. The…