Christopher Brown reports: Makers of health apps are scrambling to understand the extent of their legal liability after a divided Federal Trade Commission announced they’re now required to inform users about data and privacy breaches—and if they have used their customers’ health data without authorization. The commission approved 3-2 a policy statement that the makers of health…
Category: Health Data
Officials confirm patient data stolen in N.L. cyberattack
CBC News reports: Officials have confirmed that personal information of medical patients in Newfoundland and Labrador has been stolen in the cyberattack that has wreaked havoc on the provincial health-care system for over two weeks. While speaking with reporters on Monday, Justice Minister John Hogan said it was his understanding that both patient and employee…
When I emailed Overlake OB/GYN in July about a ransomware attack in 2020, I didn’t anticipate what would happen next.
In December, 2019, Overlake Medical Center & Clinics discovered that some employees had fallen for a phishing scheme. On February 7, 2020, they reported the incident to HHS as impacting 109,234 patients. As HHS subsequently summarized things: After the breach, the [Covered Entity] implemented additional administrative and technical safeguards and retrained its staff on the…
Rideau Valley Health Centre service disrupted due to ‘cyber security incident’
Matthew Lapierre reports that the Rideau Valley Health Centre’s IT systems have been impacted by what sounds like a ransomware incident that knocked out use of their phone system and otherwise impaired their ability to function. In the meantime, the clinic said the majority of physicians would be able to attend previously scheduled appointments, but…
Data of Lister fertility clinic patients and other medical practices compromised by ransomware attack on third-party vendor
Jay Jay reports: In a letter sent to about 1,700 patients, Lister Fertility Clinic said that a ransomware attack on Stor-a-file Limited, a firm that scans medical records for the clinic, compromised the sensitive information of patients. […] The document management firm said that the ransomware attack affected 13 organisations, six of them in the healthcare sector….
Threat actors add Johnson Memorial Health to dark web leak site
Johnson Memorial Health in Indiana was the victim of a ransomware incident in early October that was quickly reported in the press: The hackers gained access to the hospital’s network at 10:31 p.m. Friday and installed ransomware by 10:33 p.m. The hospital’s IT team discovered the attack within about 15 minutes and immediately shut down…