On April 23, the BianLian ransomware group listed: A***** *** * ******* S******* BianLian often uses the asterisk system before they actually name the victim and leak data. Today, though, DataBreaches also saw the following on the RansomHouse leak site: Albany ENT & Allergy Services They’re both listing the same entity (even the listed revenues…
Category: Health Data
MI: McLaren Greater Lansing Hospital accused of leaving patient medical records in decommissioned hospital
Ta’Niyah Jordan reports: Patient medical records are meant to be private. But one of Lansing’s largest hospitals is being accused of leaving behind boxes of confidential patient files in a decommissioned hospital. […] A whistleblower who attended the April 19th preview at the Pennsylvania campus says he found several boxes containing patient files. In images…
Data breach could affect up to 100,000 patients at Queensway Carleton Hospital
Elizabeth Payne reports: Health and personal information, home addresses and OHIP numbers of up to 100,000 patients at Queensway Carleton Hospital have been affected by a major data breach involving an Ottawa-based third-party software provider. The hospital sent out public notices of the breach Friday and is contacting patients individually. It has also notified the…
NYSARC Columbia County Chapter confirms July, 2022 ransomware incident
Nine months after detecting abnormal activity on their systems, and seven months after first publicly acknowledging a breach, NYSARC Columbia County has issued another press notice. Their newest notice is somewhat confusing in that it states that they “will issue notices to affected individuals and relevant state and federal agencies about the incident.” But then…
NIST to Finalize Special Publication (SP) 800-66 Revision 2 and Collaborate on Resources for Small, Regulated Entities
NIST to Finalize Special Publication (SP) 800-66 Revision 2 and Collaborate on Resources for Small, Regulated Entities April 25, 2023 For the past 18+ months, the National Institute of Standards and Technology (NIST), in collaboration with the HHS Office for Civil Rights (OCR), has been working to update NIST Special Publication (SP) 800-66, Implementing the Health…
Former Methodist employees plead guilty to HIPAA violations
There’s an update to a case announced in November 2022 in which five former Methodist Hospital employees in Memphis Tennessee were charged with criminal violations of HIPAA. According to the indictment, between November 2017 and December 2020, the five were charged with conspiring with Roderick Harvey to unlawfully disclose patient information in violation HIPAA. Harvey…