Alex Kennedy reports: Hackers stole personal information connected to both patients and employees in the Eastern Health and Labrador-Grenfell Health regions of Newfoundland and Labrador’s health-care system as part of a recent cyberattack, according to officials. The information was accessed through the province’s Meditech data repository, which includes a patient information database as well as…
Category: Health Data
Some Florida Heart Associates data appears on dark web after ransomware attack earlier this year
In July, this site noted a May, 2021 ransomware incident that significantly impacted Florida Heart Associates. In July, they notified HHS that 45,148 patients were impacted. Now this week, we learned that it was Pysa threat actors who had attacked them, and they have now dumped some of the data. Pysa’s dump is a little…
Maxim Healthcare notifies patients of breach that occurred in October, 2020
On November 4, Maxim Healthcare Group, including Maxim Healthcare Services and Maxim Healthcare Staffing (collectively “Maxim Healthcare”) issued a press release about a breach — a press release they describe as issued “out of an abundance of caution.” That sounds like they had an option not to disclose. I would think that they were required…
Two providers in Colorado and Alabama report breaches, and a benefits administrator in Georgia also reports a cyberattack
The Urology Center of Colorado (TUCC) On September 8, TUCC detected an attack that began September 7. Their investigation revealed that patients’ name and one or more of the following data elements may have been date of birth, Social Security number, address, phone number, email address, medical record number, diagnosis, treating physician, insurance provider, treatment…
Technology vendor, mental health services provider, and pain management clinic all report breaches involving protected health information
QRS On August 26, healthcare technology services company QRS, Inc. (“QRS”) discovered that an attacker had compromised a patient portal and exfiltrated some files from that client’s server. The compromise had been detected within three days of the attack. The information the threat actor may have accessed or acquired may have included, depending on the…
Black Shadow hackers leak medical records of 290,000 Israeli patients
The Times of Israel reports: In its second major leak in a day, the Black Shadow hacking group on Tuesday night uploaded what it said was the full database of personal information from Israel’s Machon Mor medical institute, including medical records of some 290,000 patients. The directory reportedly includes information on patients’ blood tests, treatments,…