So… regular readers know that DataBreaches has occasionally reported on data security incidents in the healthcare sector that involved leaks due to misconfigurations of GitHub repositories, storage buckets, open directories, etc. Not all of this site’s attempts to disclose leaks responsibly have gone smoothly, as described in a collaborative paper written with Dutch researcher Jelle…
Category: Health Data
St. Rose Hospital patient data appears on hacking forum (UPDATE1)
On December 20, a listing appeared on a popular forum that offered documents allegedly from St. Rose Hospital in Hayward, California. The listing was not a sales listing but rather a “demo data pack” listing of what was described as documents from a leak. The total leak allegedly contains 1.7 TB of files with: Financial…
Ca: Doctor’s records improperly disposed
Patient records from a newly closed medical practice were not properly disposed of the privacy commissioner has ruled. Dr. Lalita Malhotra, who retired earlier this year, failed to have all records shredded by a company that deals in secure shredding and some ended up whole in a recycling facility. “Dr. Malhotra states that she accepts…
SickKids reports ‘cybersecurity incident’ affecting some phone lines and web pages
The Canadian Press reports: Toronto’s Hospital for Sick Children says it’s responding to a “cybersecurity incident” affecting some of its phone lines, web pages and clinical systems. The hospital says all patient care continues and there is currently no evidence that personal health information has been compromised. SickKids says it called the hospital code for…
Morley Companies data breach $4.3M class action settlement
Top Class Actions reports: Morley Companies Inc. has set aside $4.3 million to settle a class action lawsuit following a ransomware attack that compromised data from its clients and customers. The settlement class, which has been directly notified of the settlement, is defined as U.S. residents whose data was compromised during the data incident the…
Fertility Centers of Illinois data breach $450K class action settlement
Top Class Actions reports: Fertility Centers of Illinois (FCI) agreed to pay $450,000 to end claims it allowed a 2021 data breach through subpar cybersecurity measures. The settlement benefits consumers who were impacted by Fertility Centers of Illinois’ data breach Feb. 1, 2021. Class members may have been sent a notification about the breach from…