On July 30, 2021, DataBreaches.net reported on a claimed cyberattack against Sandhills Center in North Carolina. Data for sale had shown up on the “Marketo” site, and when DataBreaches.net looked at the “proof packs,” of data, they included psychological evaluations and other documents with personal and sensitive information. Much of the data was old, and…
Category: Health Data
Data breach at Coalinga State Hospital reveals private information on nearly 1,800 patients
KFSN reports: On Friday, the State Hospital Department announced a privacy breach at Coalinga State Hospital. Employees have improperly provided confidential information about approximately 1,800 patients now and in the past to the US District Court in the Eastern District of California, officials said. The breach occurred on July 21, 2013, October 12, 2016, and…
One year after the malware attack on Düsseldorf University Hospital: no trace of perpetrators
Heise Online reports (translated): Almost a year after the momentous hacker attack on the Düsseldorf University Hospital, the investigators have no hot lead to the perpetrators. The investigations continued, however, because, among other things, responses to requests for legal assistance to authorities in several countries were pending, said a spokesman for the responsible public prosecutor’s…
Audit of the Department of Defense’s Controls on Health Information of Well-Known Department of Defense Personnel (DODIG-2021-106)
Summary from the OIG: Objective The objective of this audit was to determine whether the DoD effectively controlled access to health information of well-known DoD personnel. Background The DoD maintains millions of electronic health records on its DoD beneficiaries, [REDACTED] DoD personnel who are granted access to health information to perform their official duties…
700,000 French pharmacy Covid test results left publicly available
Ellie Fullalove reports (machine translation follows): A data leak involving an online platform used to transfer data from antigen tests carried out at pharmacies to the government platform SI-DEP has made 700,000 covid test results public, along with personal information. The platform known as Francetest was alerted to the bug in its system by the…
Sturdy Hospital in Attleboro sued over data breach
George W. Rhodes reports: A class action lawsuit has been filed against Sturdy Memorial Hospital alleging it failed to properly protect personal patient information that was stolen in a ransomware attack earlier this year. […] “Defendant maintained and secured the PII (personally identifiable information) in negligent manner by failing to safeguard against ransomware attacks,” the…