Farah Yousry reports the aftermath of a ransomware attack by Hive that was previously reported on DataBreaches in 2021: As the second year of the pandemic was nearing an end, employees at Johnson Memorial Health hoped they could catch their breath after dealing with a weeks-long tsunami of COVID-19 hospitalizations and deaths. But on a…
Category: Health Data
NYS Secures $200,000 from Law Firm for Failing to Protect New Yorkers’ Personal Data
NYS Attorney General Letitia James announced a settlement: New York Attorney General Letitia James secured $200,000 from the law firm, Heidell, Pittoni, Murphy & Bach LLP (HPMB) for failing to protect New Yorkers’ personal and healthcare data. HPMB’s poor data security measures made it vulnerable to a 2021 data breach that compromised the private information of approximately…
No need to hack when 682,000 medical records are leaking, Monday edition
On March 15, DataBreaches was contacted by a researcher who had found a “bunch of medical docs.” The files included patient intake evaluations, laboratory results, medical records requests, insurance information forms, treatment or consultation notes, and other files you would expect to see in a patient’s records. The patients all appeared to be in Texas,…
Updating: Cyberattack against CHRU Brest: what happened
In a March 11 post about non-U.S. hospitals that had been victims of cyberattacks, DataBreaches had noted a report about CHU-BREST. Valéry Rieß-Marchive of LeMagIT has an update and more details on the incident. The following uses machine translation from the original French: During a press briefing, this Friday, March 24, the direction of the…
The BreachForums case: The HHS-OIG did WHAT?!? Why?
Revelations contained in an affidavit by an FBI agent and a press release by the Department of Justice about the arrest of the owner of a popular hacking forum raise a few questions about the role of the U.S. Department of Health and Human Services Office of the Inspector General (HHS-OIG). An affidavit by FBI…
Warning to Seniors: Personal Data of 254K Medicare Beneficiaries at Risk After Breach
Casey Harper reports that Congress finally got around to questioning CMS about a ransomware attack on Healthcare Management Solutions, a CMS subcontractor. The attack involved Medicare and Medicaid numbers. Hundreds of thousands of Americans’ personal information is at risk after Medicare’s data was breached. Now, lawmakers want answers. House Committee on Oversight and Accountability Chairman…