The following press release is not the first press release we have seen from NHS Management, LLC, a business associate in Alabama. Coverage of a previous press release in January can be found on this site, here. Comparing the new press release, below, to the previous one, it appears that ongoing investigation revealed that the…
Category: Health Data
MO: Capital Region reaching out to patients about cyberattack
The News Tribune reports that the Capital Region Medical Center in Missouri has started notifying patients whose protected health information (PHI) was accessed during a ransomware incident in December, 2021 that left their phone systems and network down for several days. CRMC had disclosed the incident promptly but had not been able to immediately determine…
HHS Cybersecurity Update: Conti Ransomware Update
TLP: White Report: 202203101700 March 10, 2022 Conti Ransomware (Update) Executive Summary Conti is a ransomware group that has aggressively targeted healthcare organizations since it was first observed in 2019. Conti ransomware attacks have targeted the healthcare industry, major corporations, and government agencies, particularly those in North America. In typical Conti ransomware attacks, the…
287,652 South Denver Cardiology Associates patients notified of breach
South Denver Cardiology Associates (SDCA) recently disclosed that it began the new year with a data security breach that they first detected on January 4. Initiating their incident response plan, their investigation determined that an unauthorized person accessed their network between January 2, 2022 and January 5, 2022. During that time, certain files stored on…
Protenus releases the 2022 Breach Barometer report on health data breaches: More than 50 million affected
Protenus, a healthcare compliance analytics company, has released its annual Breach Barometer report. Protenus has been making its annual report on health data incidents freely available since 2016 as the result of an ongoing collaboration between the firm and DataBreaches.net. DataBreaches.net compiles incidents and provides some of their statistical analyses and is compensated for its…
Unable to determine what files were accessed, Norwood Clinic notifies all 228,103 patients
Norwood Clinic in Birmingham, Alabama is notifying 228,103 patients of a hacking incident that left them unable to determine what, if anything, had been accessed. In a notification to the Maine Attorney General’s Office, the clinic’s external counsel reported that the breach began on September 20 and was discovered on October 22. The types of…