From an incident report appearing on Yale Medicine’s website: Yale Medicine has discovered a cybersecurity incident, involving the records of patients seen by Dr. Tito Vasquez at his former practice, Connecticut Plastic Surgery Group LLC, between 2009 and May 2021. This notice concerns a data security event that may have resulted in unauthorized access to…
Category: Health Data
When was the last time you checked on the paper records you put in storage somewhere?
A cardiology practice recently discovered that early patient records stored in a basement locker had been stolen at some unknown time. Given that these were paper account ledgers, is there even a backup so that the practice will have the names and then-contact information of everyone who should be notified? Their media notice does not…
PA: Medical assistant charged with stealing and misusing patient identity information
Altoona Mirror reports on a case of insider wrongdoing: A medical assistant has been arrested on charges related to stealing patient information for personal use. Ashley Latimer, 34, of Philadelphia, used information she collected from patient records and licenses to open credit cards, purchase items and lease apartments, Attorney General Josh Shapiro said in a…
HC3: Analyst Note: Venus Ransomware Targets Publicly Exposed Remote Desktop Services
November 9, 2022 TLP: Clear Report: 202211091400 Executive Summary HC3 is aware of at least one healthcare entity in the United States falling victim to Venus ransomware recently. The threat actors behind Venus ransomware operations are known to target publicly exposed Remote Desktop Services to encrypt Windows devices. This report provides additional information, indicators of…
Manitoba’s healthcare privacy breach numbers ‘truly alarming’
Katrina Clarke reports: Manitoba hospital workers have breached patients’ privacy more than 1,000 times in the last three years — but how many were disciplined and what consequences they faced is unclear. It’s an issue one ethicist calls “alarming,” saying the public deserves to know more about workers snooping into sensitive files. Data obtained by…
Were hospital attacks in Osaka linked to a supply chain attack on lunch service by “Phobos?”
Asahi Shimbun reports (machine translation): The social medical corporation “Seichoukai” (Naka Ward, Sakai City), which operates general hospitals in Osaka Prefecture, announced on the 7th that it had been damaged by a cyber attack caused by ransomware. School lunch delivery services that deliver meals to affiliated hospitals are said to be affected. This school lunch…