Hunton Andrews Kurth writes: On May 26, 2022, California Attorney General Rob Bonta issued a press release reminding health app providers that California’s Confidentiality of Medical Information Act (“CMIA”) applies to mobile apps that are designed to store medical information, which includes health apps such as fertility trackers. The press release reminds health app providers that the…
Category: Health Data
Shields Health Care Group notifies 2,000,000 patients after hack
Shields Health Care Group, Inc. (“Shields”) provides management and imaging services for dozens of covered entities in New England. On March 28, 2022, Shields was alerted to suspicious activity that may have involved data compromise. Their investigation discovered that an unknown threat actor had access to certain systems between March 7 and March 21 and…
Novartis says no sensitive data was compromised in cyberattack
Lawrence Abrams reports: Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. Yesterday, the hacking group began selling data allegedly stolen from Novartis on their Tor…
Health P.E.I. alerts public of privacy breach after laptop stolen
Shane Ross reports: More than 4,000 patients and 1,200 Health P.E.I. employees are being notified of a privacy breach after an employee’s laptop was stolen in April. In a news release issued Wednesday, Health P.E.I. said the stolen laptop was password protected and information technology staff took steps to secure the information as soon as…
FBI thwarts cyberthreat against Boston Children’s Hospital by hackers sponsored by Iranian government
WCVB reports: Hackers sponsored by the Iranian government tried to get into the computer systems of Boston Children’s Hospital last year; however, they were stopped with the help of the Boston Division of the FBI, officials announced Wednesday. […] In the summer of 2021, the FBI said officials received a report from another intelligence agency…
Costa Rica’s public health agency hit by Hive ransomware
Sergiu Gatlan reports: All computer systems on the network of Costa Rica’s public health service (known as Costa Rican Social Security Fund or CCCS) are now offline following a Hive ransomware attack that hit them this morning. Hive, a Ransomware-as-a-Service (RaaS) operation active since at least June 2021, has been behind attacks on over 30 organizations, counting only the victims…