On August 4, Practice Resources, LLC notified the California Attorney General’s Office that it had been the victim of a ransomware attack on April 12. They also notified HHS that 942,138 patients were affected by the breach (see below). The New York firm is a business associate that provides a variety of health management services,…
Category: Health Data
Florida Orthopaedic Institute settles lawsuit after 2020 ransomware incident
Top Class Actions reports that Florida Orthopaedic Institute, ooerated by the Musculoskeletal Institute, has agreed to pay $4 million to settle claims stemming from a 2020 ransomware attack. The incident was first disclosed in June 2020, and then reported to HHS on July 1 as affecting 640,000 patients. There is no notation in HHS’s public…
Lee County Emergency Medical Services notifies past customers of third-party security breach
Cape Coral Breeze reports: Lee County Emergency Medical Services reports that on Aug. 4 staff received notification of a customer data breach related to a previous third-party vendor responsible for ambulance billing services. Lee County EMS conducted business with a company called Intermedix Corporation for nearly 15 years, ending its vendor contract in September 2014….
UK: Around 5,000 Dorset hospital patient images deleted
Andrew Goldman reports: Thousands of radiology images, including breast screenings, of Dorset patients have been accidentally deleted. University Hospitals Dorset (UHD) has insisted implications to patients are “very low” after the Echo discovered approximately 5,000 health images taken during a period in 2019 were wiped during a routine archive process. Images lost include 214 clinical…
Judge Investigates Alex Jones’ Legal Team After Sandy Hook Medical Records Are Leaked
Mary Papenfuss reports: The judge in a Sandy Hook defamation lawsuit against far-right conspiracy podcaster Alex Jones has launched an investigation of his legal team after the medical records of school parents were leaked. Medical and psychiatric records of some parents and relatives of the children killed in the 2012 mass shooting at Sandy Hook Elementary in…
When 2+2 = OMG: Two hospitals, two breaches each, both discovered in same month.
Conifer Revenue Cycle Solutions provided notice on Friday concerning a breach on January 20, 2022, when an unauthorized individual accessed a Microsoft Office 365-hosted business email account. Conifer discovered the breach on April 14, 2022. The email account is separate from Conifer’s internal network and systems, which were not impacted. But the compromise enabled the…