Ferghal Blaney reports: Hacking victims who had their personal information stolen during the HSE ransomware attack last year have not been told they were targeted. It’s a legal requirement for the health authority’s IT management to inform them under GDPR rules. The HSE said in a statement that it was taking time to get through all of the…
Category: Health Data
CHI Health faces ‘IT security incident’ impacting Omaha-area online systems
Molly Ashford reports: CHI Health locations in Omaha are dealing with an “IT security incident” affecting electronic health records and other systems, a spokeswoman said Monday. According to Taylor Miller, CHI’s parent company, CommonSpirit Health, was the victim of the security incident that is impacting facilities across the country. She said some information technology systems…
NZ: Patient details compromised in cyber attack on health provider Pinnacle
Stuff reports: A cyber attack has compromised patient details kept by a large Waikato and Bay of Plenty health provider. Health Minister Andrew Little confirmed there has been a cyber attack against Pinnacle Health. The primary health provider operates dozens of GP practices handling tens of thousands of patients. Read more at Stuff. When are…
Ca: Settlement reached in decade-old lawsuit connected to Western Health privacy breach
Alex Kennedy reports a settlement in a case previously covered on this site back in 2012-2014: An out-of-court settlement has been reached in a class-action lawsuit involving Western Health that dates back more than a decade. The lawsuit was launched in August 2012, alleging that the health authority failed to protect the personal information of patients and…
Why won’t they tell you that your data were leaked? Why doesn’t the government make them tell you?
For the past few years, DataBreaches has called out victims of cyberattacks who do not fully disclose how bad a breach was. Weasel words such as something “may have” happened when a victim knows damned well that it wasn’t just “may have” but did happen are just one example. Another example involves victims who claim…
The Coeur Group notifies patients of data breach
DataBreaches has not seen anything on HHS’s public breach tool, but the Coeur Group in Omaha, Nebraska, published a legal notice about a cybersecurity incident involving patient information. According to their statement, an employee’s email account in Coeur Group’s business email system was compromised between June 7 and July 12, 2022. The breach was discovered on…