More than two months after Fortra first began notifying clients that threat actors had exploited a vulnerability in GoAnywhere, many patients whose protected health information was stolen may still have no clue. In Part 1, we note entities that have already disclosed the breach. In Part 2, we will note those entities that do not…
Category: Health Data
D.C. Health Exchange Needs Broker Identity Theft Posse
Allison Bell reports: The builders of the Affordable Care Act health insurance exchange system once wondered whether agents and brokers would have a role in the health insurance market. Now, the managers of the ACA public exchange for the District of Columbia are turning to brokers to help persuade more users to protect themselves against the effects of…
State’s second-largest health insurer suffers cybersecurity attack
Jessica Bartlett reports: The state’s second-largest insurer suffered large technical outages due to a cybersecurity ransomware incident. Point32Health, the parent company for Tufts Health Plan and Harvard Pilgrim Health Care, said in a memo on its website that it identified a ransomware incident on Monday, affecting the systems it uses to service members, accounts, brokers…
HHS Cybersecurity Task Force Provides New Resources to Help Address Rising Threat of Cyberattacks in Health and Public Health Sector
On April 17, 2023, The U.S. Department of Health and Human Services (HHS) 405(d) Program announced the release of the following resources to help address cybersecurity concerns in the Healthcare and Public Health (HPH) Sector: Knowledge on Demand – a new online educational platform that offers free cybersecurity trainings for health and public health organizations to…
Fi: Hacked therapy centre’s ex-CEO gets 3-month suspended sentence
YLE reports: Helsinki District Court handed a three-month suspended sentence to the former CEO of a psychotherapy firm targeted in a major data breach. The court found the ex-CEO of Vastaamo, Ville Tapio, guilty of a data protection crime because he did not fulfil General Data Protection Regulation (GDPR) requirements, in terms of the pseudonymisation and…
Ongoing issues at Cornwall Community Hospital from “Cyber Incident”
On April 11, Cornwall Community Hospital (CCH) in Ottawa reported some “network Issues” and for patients to expect some delays as they worked to restore systems. The hospital’s EHR system was not affected by the attack. On April 13, CCH said they had determined that the network issues were a “cyber incident” and external experts…