I’ve continued to add updates to a post about the Netgain Technology breach. Keep in mind that the ransomware incident occurred in November, 2020, and since January, we have seen entities disclosing the incident. But one disclosure today is somewhat frustrating to read — and not just for the delay in notification, but for the…
Category: Health Data
NZ: New Zealand, hacker attack: Zeppelin ransomware blocks patient care at Waikato DHB
Marco A. De Felice writes: More than a week after the May 18 cyber attack, the computer systems of the Waikato District Health Board (Waikato DHB) have not yet been restored. Some scheduled surgeries in DHB’s five hospitals have been postponed, while non-urgent cases are postponed until all IT systems are back in operation. From…
Having your ePHI dumped on the dark web by threat actors doesn’t necessarily give you standing to sue
In May, 2020, Assured Imaging in Arizona experienced a ransomware attack that they revealed in August, 2020.The incident reportedly impacted 244,813 patients. The data dump by the Pysa threat actors contained a lot of ePHI that appeared to be mostly mammography pre-screening histories or forms with data types such as medical record number, names, addresses,…
Bengaluru civic body faces flak over data breach of Covid patients
Devina Sengupta&Akshatha M report: Covid-19 data records of those who have tested in Bengaluru were out in the public domain for some time, which is a clear violation of IT rules around data privacy and can lead to misuse of the information, experts have said. Free Software Movement of India, a coalition of organisations working on data privacy, on Tuesday…
AEON Clinical Laboratories (Peachstate) Pays $25,000 to Settle Potential HIPAA Security Rule Violations
Peachstate Health Management, LLC, doing business as AEON Clinical Laboratories (Peachstate), has agreed to pay $25,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. …
Mercy University Hospital secures court injunction against ransomware hackers
Aodhan O’Faolain reports: A Cork-based hospital has secured injunctions from the High Court restraining any sharing, processing, selling or publishing of data believed stolen from its computer systems in the cyberattack. The orders were made in favour of the Mercy Hospital Cork against “persons unknown” responsible for accessing the hospital’s IT system, that is separate…