Update: On December 2, Sunshine Behavioral Health reported this incident to HHS as impacting 3500 patients. They also ticked the box for Business Associate. Update 2: On January 23, 2020, ID Experts submitted a copy of their notification to patients to the Vermont Attorney General’s Office. Another day, another leak. In this case, an error…
Category: U.S.
Medical supply firm notifies patients after phishing incident
Updated Nov. 20: This incident was reported to HHS as impacting 114007 patients. Original post: Solara Medical Supplies, LLC in Chula Vista, California is notifying some of their patients and employees after discovering that attackers had successfully gained access to some employees’ email accounts that contained employee and patient information. According to a press release…
Dallas man convicted of computer fraud, aggravated identity theft in hacking of New York-based tech company
Mathew Richards reports: Following a five-day trial, a Dallas man was convicted on Friday on charges for computer fraud and aggravated identity theft in connection with his hacking of a New York-based technology company, according to the U.S. Attorney’s Office and the Albany Field Office of the Federal Bureau of Investigation. 30-year-old Tyler C. King…
Utah Company Settles FTC Allegations it Failed to Safeguard Consumer Data
The FTC announced a settlement in a data security enforcement action against InfoTrax Systems, L.C. and its former CEO, Mark Rawlins. Here is their press release, below, followed by InfoTrax’s comments on the settlement: A Utah-based technology company has agreed to implement a comprehensive data security program to settle Federal Trade Commission allegations that the…
IL: Rockford Public Schools release details about ‘ransomware’ attack
WTVO reports: On Wednesday, Rockford Public Schools shared details about a devastating cyber attack the district suffered in September. The district continues to recover from the ransomware attack, a computer-based attack in which hackers install software on a remote computer system that encrypts files so the owners cannot access them without paying a ransom. According…
The University of North Carolina- Chapel Hill School of Medicine Notifying Patients After 2018 Phishing Incident
Some readers may have trouble accessing a notice from the School of Medicine at the University of North Carolina — Chapel Hill due to an issue with Chrome, so I’m embedding the whole notification below. TL;DR version: some employees fell for a phishing attack and their email accounts may have been accessed between May 17,…