On June 1, Healthback Holdings, LLC in Oklahoma discovered that they had been subject to a hacking incident that began in October 2021. “A limited number” of employee accounts were compromised. On July 29, Healthback notified HHS that 21,114 patients were affected. Their notice says that names, health insurance information, Social Security numbers, and clinical…
Category: Commentaries and Analyses
Update: Goodman Campbell Brain and Spine ransomware incident affected 362,833 patients and employees
On June 9, DataBreaches reported that Goodman Campbell Brain & Spine in Indiana had apparently become a ransomware victim of Hive threat actors on or about May 20. The threat actors added the medical practice to their dedicated leak site on June 8 and leaked a “proofpack” that contained passwords for accounts as well as…
Federal Bill Would Broaden FTC’s Role in Cybersecurity and Data Breach Disclosures
Kristin L. Bryan and Jeffrey L. Turner of Squire Patton Boggs write: Last week, the House Energy and Commerce Committee advanced H.R. 4551, the “Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies Act” (“RANSOMWARE Act”). H.R. 4551 was introduced by Consumer Protection and Commerce Ranking Member Gus Bilirakis…
Hackers’ Identities Are Unmasked by Controversial Twitter Feed
William Turton reports that a Twitter user and account unmasking hackers’ identities created a backlash from researchers and others. The account and associated substack blog have been removed. Going by the handle “pancak3,” the anonymous account quickly racked up over 10,000 followers thanks to the sheer volume of alleged hackers they’ve exposed. The person behind the account…
Luxembourg energy companies struggling with alleged ransomware attack, data breach
Jonathan Greig reports: Two companies based in Luxembourg are grappling with an alleged ransomware attack that began last week, the latest in a string of incidents involving European energy companies. Encevo Group said its Luxembourg entities Creos – an energy network operator – and the supplier Enovos were “victims of a cyberattack on the night…
Dental Care Alliance settles lawsuit stemming from 2020 breach
In December 2020, DataBreaches reported on a hacking incident involving Dental Care Alliance, a business associate to hundreds of dental practices. Commenting on the incident, DataBreaches wrote: With all that sensitive information involved, you might think that the practice would offer remediation services to the 1,004,304 people affected but they do not seem to have…