In June, many of us first became aware that Facebook was receiving sensitive medical information from hospital websites. Of 33 hospital websites that The Markup tested, 10 of them had trackers (“Meta Pixels”) which sent information to Facebook when a patients clicked a button on the hospital’s site to schedule an a medical appointment. This…
Category: Health Data
WA: Columbia River Mental Health Services issues preliminary media notice of a breach
On August 8, Columbia River Mental Health Services (“CRMHS”) in Washington State notified HHS about a data security breach involving some employee email accounts. A press release about the incident claims that CRMHS recently became aware of suspicious activity related to email accounts. They do not state exactly what they mean by “recently.” An investigation…
Ca: St. Joe’s creates new executive position for security of patient files amid backlash
Sebastian Bron reports: St. Joseph’s Healthcare Hamilton has created a new executive position dedicated to protecting patient privacy in the wake of a litany of intentional staff breaches. The hospital said Wednesday the senior post will oversee a revamped privacy policy, recently overhauled amid staunch criticism after five employees snooped into the sensitive health records of…
Humana, Cotiviti settle class action affecting 65,000 members
There’s an update to a breach reported on DataBreaches that involved both a business associate (Cotiviti) and insider wrong-doing by an employee of a subcontractor of the business associate (Visionary). Humana and Cotiviti agreed to a class action settlement to resolve claims they jeopardized consumer data in a 2020 data breach. The settlement benefits consumers…
TX: Methodist McKinny Hospital beat Karakurt to the punch by revealing attack quickly
Yesterday, Karakurt threat actors added the Methodist McKinny Hospital in Texas to their dark web leak site. They listed the hospital as a “pre-release,” which is their way of putting pressure on a victim — or trying to put pressure on a victim — to pay so their data is not leaked or auctioned off….
GA: Hacker disrupts systems at Forsyth County medical office
On July 25, Forsyth County deputies responded to reports that the computer system of a medical office had been hacked. According to a report, a practice representative told deputies they had been alerted by community partners that suspicious emails were being sent out through the practices email system. Read more at Appenmedia.com The news report…