Approximately 43,000 patients of an immediate care facility and its associated primary care practice in Chicago may or may not know it yet, but threat actors gained access to protected health information in December and proceeded to remove more than 500 GB of files between December and May 10. Or so the threat actors claim….
Category: Health Data
Behavioral health entities in Massachusetts and Ohio reportedly victims of cyberattacks
DataBreaches.net has found two behavioral health entities that reportedly or allegedly experienced recent cyberattacks involving protected health information of patients. The first, Behavioral Health Partners of Metrowest (BHPMW), describes itself as a partnership that brings together leading social services and behavioral health agencies serving the Greater MetroWest region of Massachusetts. Together, they write, Family Continuity,…
Christus Health ransomware incident involved theft of sensitive patient and employee data
First, the good news (such as it is): a ransomware attack on Christus Health by Avos Locker has not impacted patient care. Now, the bad news: the threat actors acquired — and have already leaked — a lot of sensitive information on patients and employees. On May 11, Avos Locker added Christus Health to their…
IN: Schneck Medical Center notifying patients about data security incident
Schneck Medical Center announced Friday that it was notifying “a limited number” of patients of a data security incident that resulted in the access and exfiltration of some files containing protected health information (PHI). They do not indicate how many patients are being notified and the incident does not yet appear on HHS’s public breach…
Parker-Hannifin discloses breach affecting employee health plan data
On March 14, Parker-Hannifin discovered unauthorized access to to their IT systems that began three days earlier. Their investigation determined some files on Parker’s IT systems had been accessed and possibly acquired by the attacker. The information involved related to current and former employees, their dependents, and members of Parker’s Group Health Plans (including health…
Refuah Health Center “recently discovered” a breach that was listed on the dark web in June, 2021?
On April 29, 2022, Refuah Health Center in New York issued a statement on their website that begins: The privacy and security of the personal and protected health information we maintain is of the utmost importance to Refuah Health Center. We recently discovered unauthorized access to our network occurred between May 31, 2021 and June…