DataBreaches.net notes two more ransomware attacks on U.S. medical entities. Neither of the incidents below, which impact approximately 56,000 patients in Florida and Texas, have appeared on any dedicated leak site affiliated with ransomware groups or markets – at least not as of the time of this publication. And neither incident has as yet shown…
Category: Health Data
FTC Warns Health Apps and Connected Device Companies to Comply With Health Breach Notification Rule
The Federal Trade Commission today issued a policy statement affirming that health apps and connected devices that collect or use consumers’ health information must comply with the Health Breach Notification Rule, which requires that they notify consumers and others when their health data is breached. In a policy statement adopted during an open meeting, the Commission noted…
Walgreens’ Covid-19 test registration system exposed — and still exposes? — patient data
Sara Morrison reports: If you got a Covid-19 test at Walgreens, your personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect. In some cases, even…
Northern Light Health reports data breach linked to Blackbaud incident
We are still first learning about Blackbaud clients impacted by their ransomware attack more than one year ago. We knew about some of the following, but not all. WGME reports: A Maine hospital says some patient information may have been stolen by hackers. Northern Light Health says information from its fundraising arm was also exposed….
OR: Southeast Health Center break-in compromises personal information of about 700 people
Multnomah County in Oregon is notifying some applicants for the Oregon Health Plan whose information may have been accessed during a break-in. The break-in occurred while the Health Center was closed for construction on August 4. Files in the cabinets included applicant records with name, date of birth, address, email address, Social Security number, insurance…
Ottawa Hospital apologizes to unvaccinated staff for privacy breach
CBC reports: The Ottawa Hospital has apologized to unvaccinated staff after an email was sent out offering a vaccine education session with each recipient’s name visible to others. The email was sent from one of the hospital’s software systems and recalled immediately, the hospital said in a statement emailed to CBC, adding all copies of the email…