In January, the BianLian ransomware group added an unnamed medical group to their leak site. In February, they also posted a teaser on their BreachForums account. Although neither listing named the victim, DataBreaches was able to figure out that it was the Northeast Surgical Group (“NESG”) in Michigan. DataBreaches reached out to them multiple times,…
Category: Health Data
ES: Cyberattack at l’Hospital Clínic has affected laboratory, pharmacy, and emergency services (updated)
Translation: A ransomware-type computer attack at the Hospital Clínic de Barcelona affects the center’s Laboratory, Pharmacy and emergency services. […] The Clinic has reported that they have coordinated with Salut and the other hospitals in the city to attend to emergencies, medical transport and urgent codes (such as strokes or heart attacks). At the moment, patients already admitted have…
The Chautauqua Center notifies patients of breach; changes EMR provider
The Chautauqua Center (TCC) in New York has disclosed a HIPAA breach by a business associate. The business associate’s error resulted in the protected health information of 747 physical and occupational therapy patients being made accessible to other covered entities. According to their notification letter to those affected, the breach occurred on December 22nd at…
Medicare under attack: Healthcare data breaches increase fraud risks
Melissa D. Berry reports: Stealing Medicare beneficiary identification numbers has become the latest goal for cybercriminals who see this data as even more valuable than stolen credit cards. A South Florida man pled guilty in federal court in late-January to “conspiring to buy and sell more than 2.6 million Medicare beneficiary identification numbers” and other…
Hacker stole bank account, Social Security numbers, and health plan info of Colorado school district employees
Updated March 15: This incident was reported to HHS on March 3 as affecting 35,068 health plan members, so it likely included former employees as well as current ones. DPS’s notice can be found on their website. Nate Lynn reports: Personal information belonging to some 15,000 Denver Public Schools (DPS) employees was stolen in what…
Another ransomware-related lawsuit settles: Preferred Home Care
Top Class Actions reports there is a settlement involving Preferred Home Care in New York. The lawsuit alleged the provider failed to protect employee and patient data from an attack in January 2021. The data breach allegedly compromised the information of 92,283 patients and employees, including sensitive health information and personal identifiers such as Social…