Alessandro Mascellino reports: Researchers have found three separate vulnerabilities in OpenEMR, an open-source software for electronic health records and medical practice management. Clean code experts at Sonar published an advisory Wednesday about the discovered flaws by security researcher Dennis Brinkrolf. Thanks to responsible disclosure, the vulnerabilities were addressed in October 2022. Anyone using OpenEMR should update to one of the updated…
Category: Health Data
Class action lawsuits following breaches in the medical sector: do they help or make things worse?
In their predictions for 2023, the very first prediction by Mary T. Costigan, Jason C. Gavejian & Joseph J. Lazzarotti of JacksonLewis involved healthcare and medical data security and tracking: 2023 will see a significant increase in the number of lawsuits and perhaps OCR compliance reviews relating to medical information privacy and HIPAA, including new…
Jm: South East Regional Health Authority victim of ransomware attack
The Jamaica Gleaner reports that the South East Regional Health Authority (SERHA) had been hit by a cyberattack that affected some information and communications technology and other services to the public. Junior Opposition Spokesperson on Science and Technology Omar Newell has since called for the disclosure of more details of the breach, such as whether,…
Lutheran Social Services of Illinois notifies 184,183 of ransomware attack one year ago
On March 25, 2022, Lutheran Social Services of Illinois (LSSI) notified HHS of a breach affecting 1,000 people. The incident, still under investigation by HHS, was coded as a “Hacking/IT Incident” involving data on the network server. On January 25, 2023, LSSI notified the Maine Attorney Genera’s Office a breach affecting a total of 184,183…
Hive Ransomware’s infrastructure seized; law enforcement “hacked the hackers”
After months of a “cyber stakeout” in which law enforcement officials lawfully hacked the hackers, one of the top ransomware gangs in the world had their servers seized and their operations dismantled. DataBreaches reported the seizure earlier this morning. Hive ransomware gang has been the subject of numerous posts on DataBreaches over the past two…
Private health data breach in Isle of Man to be dealt within 3 months, officials say
Seen on diabetes.co.uk: An organisation set up to focus on the delivery of health and social care on the Isle of Man has been given a three-month deadline to stop data breaches. Manx Care will be ordered to pay £170,000 if they fail to prevent breaches of people’s private data within the next three months….