HIPAA Journal reports: A class action lawsuit filed against West Virginia University Health System over a breach of the protected health information of 7,445 patients has had the class certification order lifted by the Supreme Court of Appeals of West Virginia. The lawsuit is related to an insider data breach that occurred in 2016. Between…
Category: Health Data
Huntington Hospital discloses insider criminal breach after law enforcement lifts delay on notice
Huntington Hospital in New York has disclosed an insider-wrongdoing incident that occurred between October 2018 and February 2019. Although they determined in February, 2019 that the now-former employee was engaging in unauthorized access to patient records, and suspended the employee (and eventually terminated the employment), they were asked to delay notification to those impacted until…
Three months after ransomware attack and two months after data was dumped, UHC has yet to notify patients in writing
On September 25, DataBreaches.net reported on a ransomware attack suffered by United Health Centers of San Joaquin Valley (UHC). BleepingComputer had also reported on the incident the day before. Neither this site nor BleepingComputer had been able to get a statement from UHC at the time, but it was clear from the data dumped by…
Former UK doctor sentenced for voyeurism and unauthorized access to computer material
Sean Davies reports: A perverted doctor was jailed for two years and eight months for spying on housemates, friends, colleagues and hacking the details of 2000 potential women victims. Vinesh Godhania used a tiny pin-hole camera to secretly record women having sex, showers and using the bathroom at his address. He covertly filmed doctors, nurses…
Ransomware threat actors dump NHS records on the ‘dark web’: Highly sensitive medical documents are leaked online after hackers’ £3million Bitcoin ransom is rejected
Last week, this site reported that a U.K. fertility clinic had been impacted by an attack on Stor-a-File, their document scanning vendor. This week, there was more bad news for Stor-A-File clients. Michael Powell, Molly Clayton, and Kevin O’Sullivan report that Clop threat actors have dumped sensitive files on their dark web leak site when…
A mailing error with troubling potential
We have all read about mailing errors by now. In fact, such errors are one of the biggest types of HIPAA breaches — providing one patient’s information to another, or a mail merge error, or something similar. But here’s a case in the U.K. that serves as a painful reminder that such breaches can have…