Regulators in Romania have issued monetary penalties to six Romanian entities for insufficient technical and organizational measures to ensure information security. Two other entities were issued fines for other GDPR violations. The fines for insufficient technical and organizational measures ranged from 1,000 to 10,000 euros. Two of the entities were in the medical center. A…
Category: Health Data
New threat group hacked EU healthcare agency and embassies, researchers say
Jonathan Greig reports: A new hacking group is targeting European countries and organizations in an espionage campaign that began in June 2022, according to new research. Cisco’s Talos cybersecurity team calls the new group “YoroTrooper” and said it has already successfully compromised accounts connected to a “critical” European Union healthcare agency and the World Intellectual…
Independent Living Systems updates its breach disclosure; notifying more than 4.2 million patients
In September 2022, Independent Living Systems LLC (ILS), a business associate in Florida, notified HHS and regulators of a network incident that affected 501 patients. They also provided public notice, but were unable to identify and notify all individuals who had been affected. The “501” was simply a marker to indicate “more than 500.” The…
AllCare Plus Pharmacy notifies 5,971 patients of phishing incident last year
AllCare Plus Pharmacy, Inc. is an IQVIA business in Massachusetts. This week, they notified the Maine Attorney General’s Office of a phishing incident that affected 5,971 patients. According to their notification, on June 21, 2022, AllCare discovered that some employees had received phishing emails. Their investigation revealed that some of the employees’ accounts had been…
Beaver Medical Group notifying patients whose information was accessed in phishing incident
Beaver Medical Group (BMG) in California is part of Optum Health. On January 24, BMG discovered unusual activity in an employee’s workstation. Their investigation revealed that an unauthorized actor had launched a targeted phishing attack that gave them access to the employee’s email account. The types of personal and protected health information in that account…
N.L. says Hive ransomware group was behind 2021 cyberattack on health systems
Rob Antle reports: The Newfoundland and Labrador government says the Hive ransomware group was behind a cyberattack that paralyzed the province’s health-care system a year and a half ago. But top government officials still won’t say whether they paid a ransom. “We can’t disclose anything about a request for a ransom, for security purposes,” Justice…