L’Obs with AFP report: After that of Dax , the Villefranche-sur-Saône (Rhône) hospital center announced on Monday February 15 that it was the victim of a “major” computer attack , detected at 4:30 am. This attack by the RYUK crypto-virus (a “ransomware” ) “strongly impacts” the sites of Villefranche, Tarare and Trévoux of the North West Hospital,…
Category: Health Data
Hacker attack on the Urological Clinic Munich Planegg
Martin Bernstein reports (translation): The Urological Clinic Munich Planegg(UKMP) and its patients recently fell victim to a hacker attack. This emerges from an information letter that the clinic sent out to patients in early February. It is obliged to do so according to the General Data Protection Regulation. The cyber attack occurred in mid-January. The clinic management did not respond to a…
Preliminary settlement approved in 21st Century Oncology 2015 breach case
Long-time readers may remember that 21st Century Oncology had a slew of serious problems going back to 2013 including a rogue employee-related breach that they were alerted to by law enforcement, and litigation under the False Claims Act that resulted in them paying $34.7 million for billing for medically unnecessary tests. But of note, in…
mHealth Apps Expose Millions to Cyberattacks
Becky Bracken reports: Some 23 million mobile health (mHealth) application users are exposed to application programming interface (API) attacks that could expose sensitive information, according to researchers. Generally speaking, APIs are an intermediary between applications that defines how they can talk to one another and allowing them to swap information. Researcher Alissa Knight with Approov…
The Netherlands: 440,000 EUR fine for hospital for inadequate authentication and logging
Demi Rietveld and Richard van Schaik of DLA Piper write: The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA”) has published its decision to impose an administrative fine of EUR 440,000 on Amsterdam hospital OLVG due to the lack of sufficient measures to prevent access to medical records by unauthorised personnel. After complaints, the Dutch…
After hackers blackmailed their clients, Finnish therapy firm declares bankruptcy
Graham Cluley reports: Vastaamo, the Finnish psychotherapy practice that covered up a horrific security breach which resulted in patients receiving blackmail threats, has declared itself bankrupt. Read more on Hot for Security.