On August 1, DataBreaches noticed that Parathon by JDA e-Health had been listed on the Akira ransomware leak site. Neither Akira nor Parathon responded to DataBreaches’ inquiries at the time, as DataBreaches reported on August 6. On October 30, Parathon issued a notice of security incident. The notice stated, in part: On July 27, 2023,…
Category: U.S.
Anna Jaques Hospital’s computer system compromised by cyberattack
Dave Rogers reports: Days after what was called a cyberattack shut down Anna Jaques Hospital’s health record system on Christmas, hospital administrators are saying little about what caused the massive failure or whether the problem has been remedied. “Upon discovery, we immediately secured our environment and engaged cybersecurity professionals to assist in the investigation. While…
After cyber attack, New York hospitals find stolen patient info stored in Massachusetts, look for its return
Jeff Cole reports: Nearly four months after a cyber attack, Claxton-Hepburn Medical Center and Carthage Area Hospital have made progress in learning what stolen data may have been leaked, and where it was being stored. Now the hospitals have filed legal paperwork to get that data back. […] The hospitals and FBI have discovered where…
Mortgage firm LoanCare warns 1.3 million people of data breac
Bill Toulas reports: Mortgage servicing company LoanCare is warning 1,316,938 borrowers across the U.S. that their sensitive information was exposed in a data breach at its parent company, Fidelity National Financial. LoanCare is a sub-servicing and interim sub-servicing provider and a significant player in the mortgage servicing sector, handling approximately $390 billion in balances from…
Attorney General James Secures $300,000 from NewYork-Presbyterian Hospital for Failing to Protect Patient Data
December 27 NEW YORK – New York Attorney General Letitia James today secured $300,000 from The NewYork-Presbyterian Hospital (NYP) for disclosing the health information of individuals who visited their website. An investigation by the Office of the Attorney General (OAG) found that the hospital used advertising tools on its website that collected and shared private and personal…
Recent attacks on Fred Hutch and Integris: Is attempting to extort patients directly becoming the “new normal?”
DataBreaches previously reported a breach involving Integris Health in Oklahoma. The incident did not involve encryption, but the threat actors were reportedly contacting patients directly and offering to remove their protected health information for a small fee before leaking or selling the data of what they claim is more than two million patients. DataBreaches noted…