Carly Page reports: Advanced, an IT service provider for the U.K.’s National Health Service (NHS), has confirmed that attackers stole data from its systems during an August ransomware attack, but refuses to say if patient data was compromised. Advanced first confirmed the ransomware incident on August 4 following widespread disruption to NHS services across the U.K. The attack…
Category: Health Data
Australia’s Medibank reports cyber incident, shares on trading halt
Reuters reports: Australian health insurer Medibank Private (MPL.AX) said on Thursday it will isolate and remove access to some customer-facing systems as it detected unusual activity on its network. The company said it took “immediate steps to contain the incident, and engaged specialised cybersecurity firms”, adding that there was no evidence that any sensitive data,…
Retirement plan participants urge judge not to dismiss Horizon Actuarial Services data breach class action
Abraham Jewett reports that a group of Horizon Actuarial Services retirement plan participants are trying to save their proposed class action lawsuit from dismissal by a judge. The litigation stems from a ransomware incident in November 2021. The proposed class of more than 2 million Horizon retirement plan participants argue that the data breach was…
Update from CommonSpirit confirms ransomware attack
…. but doesn’t say much else in the way of details. Here’s their full update of October 12: Over the course of this past week, we have been managing a response to a cyberattack that has impacted some of our facilities. Patients continue to receive the highest quality of care, and we are providing relevant…
Eventus WholeHealth notifies patients of breach
Eventus WholeHealth, PLLC (“Eventus”) provides integrated primary care and mental health services to medically vulnerable adults. In a press release issued this week, they disclose a breach involving protected health information. “On June 1, 2022, we observed suspicious activity associated with a single Eventus email account, despite multifactor authentication on the account.” Comment: That statement…
Aesthetic Dermatology Associates notifies patients of breach, but data already leaking on dark web
If you say you are going to provide details of an incident, then DataBreaches believes that you should provide important details — like the fact that patient data has been leaked on the dark web. Here’s another incident notice where there is no mention of that. From Aesthetic Dermatology Associates‘ press release: What Happened? On…