Marianne Kolbasuk McGee reports: A healthcare services contractor has agreed to pay a $933,000 settlement in a federal whistleblower case involving alleged false claims by the entity about the security of electronic medical records containing the information of military personnel, diplomats and contractors. The settlement is the first under the Department of Justice’s Civil Cyber-Fraud Initiative,…
Category: Health Data
Another Technology Management Resources client reports a data breach
PhySynergy has disclosed a vendor breach involving IberiaBank’s lockbox service provider, Technology Management Resources, that may have impacted some of its customers and/or patients. From their press release: HUNTSVILLE, Ala., March 4, 2022 /PRNewswire/ — PhySynergy, LLC (the “Company”) is notifying individuals of a service provider security incident that involved the personal information of some of its patients and/or…
KS: Labette Health discloses October, 2021 data security incident
Labette Health in Kansas has started notifying employees and patients of a data security incident. According to a statement on their website, an investigation determined that unauthorized individual(s) potentially accessed and acquired information from portions of their network between October 15, 2021 and October 24, 2021. It appears that it took them four months from…
NHS Management, LLC issues updated statement about cyberattack in 2021
The following press release is not the first press release we have seen from NHS Management, LLC, a business associate in Alabama. Coverage of a previous press release in January can be found on this site, here. Comparing the new press release, below, to the previous one, it appears that ongoing investigation revealed that the…
MO: Capital Region reaching out to patients about cyberattack
The News Tribune reports that the Capital Region Medical Center in Missouri has started notifying patients whose protected health information (PHI) was accessed during a ransomware incident in December, 2021 that left their phone systems and network down for several days. CRMC had disclosed the incident promptly but had not been able to immediately determine…
HHS Cybersecurity Update: Conti Ransomware Update
TLP: White Report: 202203101700 March 10, 2022 Conti Ransomware (Update) Executive Summary Conti is a ransomware group that has aggressively targeted healthcare organizations since it was first observed in 2019. Conti ransomware attacks have targeted the healthcare industry, major corporations, and government agencies, particularly those in North America. In typical Conti ransomware attacks, the…