It’s the weekend, but breaches don’t take a break. Some breach or leak disclosures that I spotted in reading the news today: Ballad Health in Tennessee has disclosed a breach. As reported by WCYB, who also includes the full notice from Ballad, on or about January 13, Ballad detected unusual activity in an employee’s email…
Category: Health Data
HHS OCR Issues Annual HIPAA Reports to Congress
Chris Bennington of Epstein Becker Green writes, in part: The HITECH Act requires OCR to issue annual reports to Congress of HIPAA breaches and complaints received by OCR during the calendar year. For 2020, OCR reported that it received 656 notifications of breaches affecting 500 or more individuals, 66,509 notifications of breaches affecting fewer than…
Wellstar Health System discloses data breach
Ariel Hart reports: Wellstar Health System suffered a data breach through its email system, it reported Friday afternoon. Wellstar said it learned two months ago that someone unauthorized had gained access to two email accounts. Via those accounts, patients’ health care information was exposed, including patient laboratory information, Wellstar said in a written statement. “After…
Five ransomware groups, five victims… will it ever ease up?
The following is a snapshot of recent attacks on U.S. healthcare entities by ransomware teams. #1 First Choice Community Healthcare – Hive Hive threat actors have never sworn off attacking the healthcare sector. In addition to claiming that they attacked the Partnership HealthPlan of California on March 19 (an attack that has impacted PHPC’s functioning),…
SuperCare Health notifies 318,379 patients of July breach
In March, Super Care, Inc. dba SuperCare Health, notified the California Attorney General’s Office of a breach. The home respiratory care provider’s notification explained that on July 27, 2021, they had discovered unauthorized activity in their system — activity that they subsequently learned began on July 23. In a notification to 318,379 patients sent on…
Would Sea Mar Community Health even know about large patient data dumps if not for DataBreaches.net?
The chronology of Sea Mar Community Health Center’s responses to a massive data breach suggests that they may be first learning of data dumps because of notifications by DataBreaches.net or this site’s reporting of our discoveries. If true, what does that say about their security and incident response? A DataBreaches.net commentary. Since 2021, DataBreaches.net has…