Marianne Kolbasuk McGee of HealthInfoSec poses a question about why Change Healthcare’s report to HHS indicated that 500 patients were affected when they already admitted that there were millions. Why use such a low placeholder instead of a higher number when it has been months since they discovered the breach and they must have some…
Category: Health Data
Cencora confirms patient health info stolen in February attack
Over on Bleeping Computer, Lawrence Abrams reports that Cencora confirmed that protected health information was involved in the February cyberattack in its recent SEC filing, As DataBreaches previously reported, a number of Cencora—-Lash Group’s clients disclosed that personal and protected health information (PHI) was involved when they sent out notifications to their patients in May…
OneBlood Target of Ransomware Event; Blood Community Rallies to Help as Urgent Call for Donors is Issued
From OneBlood: OneBlood, the not-for-profit blood center serving much of the southeastern United States is experiencing a ransomware event that is impacting its software system. OneBlood is working closely with cyber security specialists, and also federal, state and local agencies as part of their comprehensive response to the situation. “OneBlood takes the security of our…
Northeast Rehabilitation Hospital Network’s “incident” was a ransomware attack with data leaked, but they haven’t said that.
Northeast Rehabilitation Hospital Network (“NRHN”) is a comprehensive network of physical rehabilitation services that includes four inpatient hospitals and 25+ outpatient rehabilitation clinics. It also provides pain management and specialized pediatric outpatient rehabilitation. On July 19, NRHN notified the U.S. Department of Health & Human Services (HHS) of a “hacking/IT incident” that affected 501 patients. The “501” is…
UAB study postcard discloses patient information
Haven’t seen a postcard health data breach in a while, but here we are. WBRC in Birmingham Alabama reports The UAB School of Nursing has informed 1,655 patients this week of an incident in which a study recruitment postcard sent to the patients inadvertently shared protected health information (PHI). According to a press release from…
Newborn data allegedly accessed by doctor seeking profit
It’s an old story, but it continues to occur: insiders using data to open their own businesses or practices. This time, 800 people are being notified by Windsor area hospitals in Canada that their babies’ data was “inappropriately accessed” by a pediatrician within Windsor Regional Hospital. Travis Fortnum reports: In a statement sent to CTV…