During the pandemic, a lot of entities took steps to collect information to try to limit the spread of COVID. Thomson Medical had a portal for visitors, but instead of the data being stored in a secured database, it was stored in both a secured database and one that could be accessed by the public….
Category: Health Data
Hackers selling user data from CoWIN platform on DarkWeb
Times Now reports: Only a few weeks after hackers breached India’s premier government hospital, AIIMS Delhi, they have moved on to the Indian government’s web portal for COVID-19 vaccination, CoWIN.gov.in, selling sensitive information to the highest bidder on the Dark Web. […] The evidence provided by the hacker consists of screen captures of the portal’s administrative interface, which…
Archives NZ breach gives access to sensitive health information
The Bharat Express News reports: A privacy breach by Archives NZ allows people to see records containing sensitive health information of abuse survivors. The breach was discovered months ago, but officials hid it from the public. Read more at The Bharat Express News.
CMS Responding to Data Breach at Subcontractor
I cannot remember any other breach where CMS actually issued those affected new Medicare numbers and cards, but it happened in this one: A Centers for Medicare and Medicaid (CMS) subcontractor was the victim of a ransomware attack in October. The full press release follows: The Centers for Medicare & Medicaid Services (CMS) is responding…
HHS Civil Rights Office Enters Settlement with Dental Practice Over Disclosures of Patients’ Protected Health Information
From HHS, resolution of a complaint they received in 2017: The Office for Civil Rights (OCR) has settled with B. Brandon Au, DDS, Inc., d/b/a New Vision Dental (New Vision Dental), in California, over the impermissible disclosure of patient protected health information (PHI) in response to online reviews, and other potential violations of the Health…
HC3: Analyst Note: LockBit 3.0 Ransomware
Report: 202212121700 LockBit 3.0 Ransomware December 12, 2022 Executive Summary LockBit 3.0 is the newest version of the LockBit ransomware that was first discovered in September 2019. The ransomware family has a history of using the Ransomware-as-a-service (RaaS) model and typically targets organizations that could pay higher ransoms. Historically, this ransomware employs a double extortion…