[Comment: I’ve been waiting for this since I first suspected that Daixin Team might be responsible for the CommonSpirit breach. And although it has not been confirmed by anyone, I still suspect them of that one. — Dissent] Alert (AA22-294A) #StopRansomware: Daixin Team Download the PDF version of this report: pdf, 591 KB Technical Details Note:…
Category: Health Data
NC investigating claims Facebook received WakeMed, Duke Health patient data
Lauren Ohnesorge reports: A month after a federal lawsuit alleged Triangle hospitals disclosed patient phone numbers and other information to Facebook (Nasdaq: META) without permission, North Carolina officials confirm the state is also investigating. The accusations involve Facebook’s Pixel tracking tool, which plaintiff attorneys in multiple lawsuits filed across the country claim is being improperly used…
French maternity hospital hit by ransomware attack by Vice Society; attackers claim to have 150 GB of files
Le Journal du Dimanche reports that a private maternity hospital in France, Hôpital Pierre Rouquès – Les Bluets was the victim of a cyberattack by Vice Society on October 9. A notice on the hospital’s home page alerts people to the attack and that their email system does not work. [Note: there is also a…
New York Department of Financial Services settles charges against EyeMed with a $4.5 million penalty and remedial cybersecurity plan
In January 2022, DataBreaches reported that New York announced a $600,000 agreement with EyeMed that resolved a 2020 phishing incident that compromised the personal information of approximately 2.1 million consumers nationwide, including 98,632 in New York. But that was not the end of enforcement action and monetary penalties for EyeMed. Now the state’s Department of…
Health insurer Medibank enters trading halt after cyberattack, says it received communication from alleged hackers (UPDATED)
Nino Bucci reports: Private health insurer Medibank has entered a trading halt after telling customers it had received messages from a group claiming to have accessed the data of its customers in a cyber-attack. In a statement to the Australian stock exchange on Wednesday, the company said it had received messages from a group that…
Keystone Health notifies 235,237 patients of data security breach
Keystone Health in Pennsylvania is notifying 235,237 patients about an incident they describe on their website: On August 19, 2022, we identified an incident that temporarily disrupted our computer systems. We reported the incident to law enforcement and worked with a third-party cybersecurity firm to determine what happened. Our investigation found that an unauthorized party…