Friday, August 27, 2021 On February 5, 2021, Goodwin Procter LLP (“Goodwin”) notified Beaumont Health (“Beaumont”) of a security incident at Accellion, a third-party vendor whose File Transfer software was used by Goodwin for large file transfers on behalf of clients, including Beaumont. Goodwin received some personal and protected health information from Beaumont in connection…
Category: Health Data
Indonesia probes suspected data breach on COVID-19 app
Reuters reports: Indonesia is investigating a suspected security flaw in a COVID-19 test-and-trace app that left exposed personal information and the health status of 1.3 million people, a health ministry official said on Tuesday. Researchers from encryption provider (sic) vpnMentor said personal information in the Indonesia Health Alert Card (eHAC) app, often required to be used…
DuPage Medical Group notifying 600,000 patients that their personal information may have been compromised in cyberattack
Lisa Schencker reports: DuPage Medical Group is notifying 600,000 patients that their personal information may have been compromised during a July cyberattack. DuPage Medical Group, which is the state’s largest independent physicians group, experienced a computer and phone outage that lasted nearly a week in mid-July. The group worked with cyber-forensic specialists to investigate the incident and…
Quebec could make changes to vaccination passport after flaws in system exposed
CBC News reports: When Louis heard the province’s digital transformation minister say on Tuesday that quick response (QR) codes “cannot be falsified, modified or copied,” he took it as a challenge. “There’s always a flaw,” he said. “It’s just a matter of being patient enough to find it.” […] within six hours, Louis said he…
Pennsylvanians who had personal information exposed in contact tracing data breach no longer suing state
Rick Earle reports: The Pennsylvania Health Department has been dismissed from a federal lawsuit including Insight Global, the company responsible. Insight Global is now the only defendant named in that lawsuit. Target 11 broke the story in April that personal information of more than 70,000 Pennsylvania residents involved in COVID-19 contact tracing had been compromised. Insight Global blamed…
CareATC notifies patients, employees, and dependents after discovering employee email accounts compromised
The following is a press release: TULSA, Okla., Aug. 27, 2021 /PRNewswire/ — CareATC, Inc. (“CareATC”) recently discovered an incident that may have impacted the privacy of information related to certain patients, employees, and dependents of patients and employees. While CareATC is unaware of any attempted or actual misuse of information in relation to the incident, it is providing potentially affected…