Suchit Leesa-Nguansuk reports: About 39 million purported patient records from Siriraj Hospital have been offered for sale on an internet database-sharing forum in what appears to be the latest hack of the country’s public health sector. Authorities are investigating the post, which was on raidforums.com. […] The data is not only from Siriraj Hospital but…
Category: Health Data
Maryland health workers, lawmakers want answers as problems persist a month after cyberattack
Steve Thompson reports: State health workers still often can’t use computers, access shared drives and get to important data a month after a cyberattack crippled Maryland’s health department, the head of a union representing agency employees said Friday. They’ve received little information about what’s going on and are preparing for the possibility that their systems could remain…
Grass Valley discloses 2021 data breach
Yesterday, Grass Valley in California announced they had suffered a breach last year. Their disclosure does not say when they first detected any breach, but reports that their investigation determined that unauthorized access had occurred between April 13, 2021 and July 1, 2021. After further investigation, Grass Valley discovered that the unauthorized person transferred files…
Compton and Broomhead Dental Center alleged victim of cyberattack
It’s one thing to ignore ransom demands from threat actors, but how smart — or foolish — is it to be sarcastic or insulting to those who have exfiltrated files with your patients’ protected health information? DataBreaches.net was recently contacted by threat actors who were previously associated with other groups. They claimed to have attacked…
COVID Test Data Breach at British School
Sarah Coble reports: A mix-up at a school in Worcestershire, England, caused parents to receive the COVID-19 test results of other people’s children. The data breach, reported today by the Evesham Journal, occurred at co-educational secondary school and sixth-form college The De Montfort School (TDMS) in Evesham, which is part of the Four Stones Multi Academy…
Jefferson Surgical Clinic notifies 174,769 about June, 2021 data breach
If a covered entity detects a breach at the beginning of June 2021 but doesn’t notify patients until January 2022, will HHS think this is just fine? What if there was no encryption of data involved? Is it acceptable to take 7 months to notify patients if there are no unusual circumstances or request from…