CJ Baker reports: The Wyoming Department of Health knows it accidentally published the personal information of 164,000 residents on a public website earlier this year. But it remains a mystery as to whether any bad actors accessed the data before the department discovered the mistake and took the files offline. The roughly 54 files that…
Category: Health Data
Healthcare entities in Saudi Arabia, Illinois, and Mississippi fall prey to Xing Team
Note: updates to the breaches included in this report appear below the original post. Some threat actors have gained a lot of notoriety while others are lesser known. In this article, DataBreaches.net reports on a relatively unknown group that has been hitting the healthcare sector, “Xing Team.” Like other groups, Xing maintains a dedicated leak…
Arizona Asthma and Allergy Institute Provides Notice of Maze Attack in 2020
An incident initially reported to HHS on May 3 has been updated to 70,372 patients from the initial report of 50,000. The following is the entity’s notice on their web site, and after you read it, I’ll meet you on the other side to explain it more, because they only discovered the breach when DataBreaches.net…
In: Health Ministry Refutes CoWIN Data Leak Claim, Initiates Investigation
Archis Chowdhury reports: The Ministry of Health and Family Welfare refuted the claims around a breach in vaccination data of over 150 million individuals from the CoWIN portal, and termed such claims to be prima facie fake, in a statement issued on Thursday. It also stated that the matter is being further investigated by the…
OH: Five Rivers Health Centers notified 155,748 patients after phishing incident
On May 28, Five Rivers Health Centers in Ohio notified HHS about a data security incident that impacted 155,748 patients. The following is their media notice, linked from the home page of their web site if you can find it (see attached, where I highlighted the location of the link on their home page). DataBreaches.net…
Chief Operating Officer of Network Security Company Charged with Cyberattack on Medical Center
Note: It seems possible that the incident described in DOJ’s press release below is the incident reported by Salted Hash and DataBreaches.net in 2018. According to Singla’s LinkedIn account, he was COO at Securolytics in Atlanta at the time of the Gwinnett breach. A Georgia man was arraigned today on charges arising out of a…