Retreat Behavioral Health (RBH) has addiction treatment facilities in Florida, Pennsylvania, and Connecticut. On July 1, 2022, they reportedly detected a ransomware attack. Letters were sent out this week, but because Massachusetts actually prohibits entities from providing important details in notifications to consumers, there’s a lot we don’t know about this incident yet. Specifically, the…
Category: Health Data
NC: Monarch notifies HHS of breach, but where are the details and notice?
On September 1, a listing on a dark web site by a group calling themselves Don#t_Leaks named MonarchNC as a victim. The listing did not appear for long. The only “proof” offered at the time was a filetree and a screencap of what might be an index of an inbox showing monarchnc.org domain in email…
Are Data Breach Class Action Lawsuits Protecting Patients?
Marianne Kolbasuk McGee reports: The prospect of class action lawsuits being filed in the aftermath of a major data breach often has more impact on breached healthcare organizations than the potential for fines and enforcement actions by government regulators, says attorney Jeff Westerman of Westerman Law Corp. With all the legal expenses and time involved…
Attack on the Azienda Ospedaliera di Alessandria hospital: additional details on the case
Marco A. De Felice prefaces his reporting on a Ragnar_Locker attack with this message: For ethical reasons we did not want to spread the news of the attack on the hospital’s IT infrastructure before the news became public knowledge. Indeed, on December 20, SuspectFile had already become aware of the ransom note written by the…
CommonSpirit Gets Restraining Order in Missing Patient Info Suit (UPDATED)
Holly Barker reports: CommonSpirit Health, one of the country’s largest nonprofit health systems, convinced a federal judge in Texas to order a medical technology vendor to return hundreds of thousands of medical records it was sent to archive. The US District Court for the Northern District of Texas’s order directs Emerge Clinical Solutions LLC to…
Updating Scripps Health ransomware incident: litigation settlement
Dorian Hargrove of CBS reports that Scripps Health has agreed to pay more than $3.5 million dollars to victims of a ransomware attack in 2021 that compromised the personal information of more than one million patients. More than 1 million patients? At the time, Scripps had reported that it was notifying 147,267 patients, and that…