The Urology Center of Colorado (TUCC) On September 8, TUCC detected an attack that began September 7. Their investigation revealed that patients’ name and one or more of the following data elements may have been date of birth, Social Security number, address, phone number, email address, medical record number, diagnosis, treating physician, insurance provider, treatment…
Category: Health Data
Technology vendor, mental health services provider, and pain management clinic all report breaches involving protected health information
QRS On August 26, healthcare technology services company QRS, Inc. (“QRS”) discovered that an attacker had compromised a patient portal and exfiltrated some files from that client’s server. The compromise had been detected within three days of the attack. The information the threat actor may have accessed or acquired may have included, depending on the…
Black Shadow hackers leak medical records of 290,000 Israeli patients
The Times of Israel reports: In its second major leak in a day, the Black Shadow hacking group on Tuesday night uploaded what it said was the full database of personal information from Israel’s Machon Mor medical institute, including medical records of some 290,000 patients. The directory reportedly includes information on patients’ blood tests, treatments,…
What happened, Friday edition
It’s often quite difficult to code incidents for analysis purposes. Consider the following notification’s description of what happened, as one example: Mesa, AZ: November 3, 2021 – Baywood Medical Associates, PLC dba Desert Pain Institute (“DPI”), a health care provider specializing in pain management located in Mesa, Arizona, has become aware of a data security incident…
JEV Plastic Surgery & Medical Aesthetics notifies patients of malware incident
JEV Plastic Surgery & Medical Aesthetics in Maryland has issued a press release about a malware incident. According to their notice, an unauthorized actor accessed their systems and may have viewed or acquired certain patient information between April 30, 2021 and June 14, 2021. The types of personal and/or medical information that may have been accessible by…
Possible cyberattack hits ‘brain’ of N.L. health-care system, delaying thousands of appointments Social Sharing
CBC News reports: A cyberattack appears to be behind a provincewide disruption of health-care services in Newfoundland and Labrador that has affected thousands of appointments and procedures, including those involving COVID-19 testing. “We may have been victims of a possible cyberattack by a third party,” said Health Minister John Haggie at a news conference Monday morning….