How many times have we read that paying a threat actor’s extortion demands only encourages more financially motivated crime and doesn’t ensure that the data won’t be retained or re-sold or leaked? Those making that argument appear to be generally correct, but are there exceptions? For years now, DataBreaches has gone back and forth between…
Category: Health Data
HHS OCR Settles HIPAA Ransomware Investigation with Syracuse ASC for $250k plus corrective action plan
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Syracuse ASC, LLC doing business as Specialty Surgery Center of Central New York, for potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security and Breach Notification Rules. Syracuse ASC is a…
Two more entities have folded after ransomware attacks
It is still fairly rare for a ransomware victim to totally shutter its doors permanently as a result of an incident, but a relatively small breach in Georgia was reportedly fatal for Ascension Health Services LLC DBA Alpha Wellness and Alpha Medical Centre. A notice on its website dated April 4, 2025 reads: We are…
Data breach feared after cyberattack on AMEOS hospitals in Germany
DPA reports: A cyberattack on Swiss hospital group AMEOS may have exposed sensitive patient and staff data, the company said on Monday. The attack, which took place two weeks ago, caused significant disruption across the group’s German operations. The company described the episode as a targeted assault on its IT infrastructure. In a statement, AMEOS…
Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
Premier Health Partners (“PHP”) in Ohio issued a press release this week and uploaded a substitute notice to its website. Why they first concluded an investigation into a breach they discovered on July 12, 2023 requires more explanation than they provide. Premier Health Partners (“Premier Health”) is providing notice of a cyber incident that may…
Theft from Glasgow’s Queen Elizabeth University Hospital sparks probe
Old-fashioned breaches still exist. Amanda Keenan reports: Health board chiefs have launched a major investigation after brazen thieves stole NHS laptops containing confidential patient data. Around 20 staff devices were snatched from an office block within the Queen Elizabeth University Hospital in Govan. Greater Glasgow and Clyde health board bosses have been forced to fork out £14,000 to…