The Office of Inadequate Security
In September 2023, DataBreaches reported on an alleged ransomware attack involving Visiting Physician’s Network in Texas. The report provided screenshots of data leaked on the Threeam gang’s leak site and noted that Visiting Physician’s Network did not respond to inquiries about the breach. It is now one year later. DataBreaches has found no substitute notice,…
YLE reports: Two lawyers representing some victims of the massive Vastaamo psychotherapy centre data breach say their clients are dissatisfied with the compensation amounts announced by the State Treasury. In late August, Treasury service director Tuomo Yliluoma estimated to Yle that Vastaamo’s victims will receive an average of 500–1,500 euros in damages for attempted or aggravated extortion….
There’s an update to another distressing “shoot-the-messenger” story where a journalist was arrested for simply reporting on a breach that the government denied (previous background). Now Railly News reports: The incident was first brought to the agenda by journalist İbrahim Haskoloğlu in 2022. Haskoloğlu was subsequently arrested after reporting that citizens’ personal data had been…
Chase Jordan reports: Atrium Health is apologizing publicly and notifying patients who may have been impacted by a malicious email sent to employees in April, the company announced Friday. Social Security numbers may have been among the personal information exposed to the criminals, Atrium said. An unauthorized third party gained access to a group of…
In 2023, a ransomware attack against Lehigh Valley Health Network by AlphV (BlackCat) involved the threat actors leaking nude photos of some cancer patients. In reporting on one of the first class action lawsuits launched against LVHN, DataBreaches pointed out how significant this situation and litigation might be, in part, because of the nude photos…
Beth Treffeisen reports: A women’s gynecological clinic in Attleboro is suing a neighboring crisis pregnancy center, accusing it of hacking its confidential online portal and misleading patients to prevent abortion. Four Women Health Services alleges that Attleboro Women’s Health Center, also named Abundant Hope Pregnancy Resource Center, broke computer fraud, consumer protection, and wiretapping laws…