Angela Denning reports that Petersburg Medical Center has come out with more information about a medical records breach. They say about 200 patients were affected. The medical center sent out letters to all patients whose medical records may have been viewed by this employee. So, how did they find out about it in the first…
Category: Health Data
Ransomware attacks of two more medical entities disclosed: one in U.S., one in Canada
It seems that every day, we learn of more ransomware attacks on healthcare entities. Here are two more. Arizona: Cochise Eye and Laser The most recent update to HHS’s public breach tool included an incident reported by RF Eye, P.C., dba Cochise Eye and Laser. On February 17, the Arizona entity posted a notice on…
Indian state government website exposed COVID-19 lab test results
Zack Whittaker covers a data leak first reported by BleepingComputer. You can read TechCrunch’s report on the incident here.
AllyAlign notifies 76,348 members and providers of ransomware attack
AllyAlign Health (AAH), a Medicare Advantage special needs plan administrator, recently notified 76,348 members and providers of an attempted ransomware attack. But how successful were the threat actors? And what could the Virginia firm figure out and what couldn’t they figure out based on their investigation? According to AAH’s notification letter, the attack occurred on…
Ca: Snooping employee showed interest in pregnant women’s medical records, says lawyer
A years-old privacy breach at Central Health has had a particular impact on pregnant women and new parents, says a St. John’s lawyer who is filed a class-action lawsuit. Bob Buckingham says a disproportionate number of calls to his office regarding the breach are from people who say medical records relating to their pregnancies were…
Ripe for extortion? Navajo Nation hospital targeted by large-scale ransomware hack
Kevin Collier has a follow-up on the Rehoboth McKinley Christian Health Care cyberattack first reported by DataBreaches.net on February 16. From Collier’s reporting, it seems that those impacted by the breach have yet to be notified. As I’ve advocated many, many times: when PII or PHI are publicly dumped by criminals, taking 60 days to…