Long-time readers may remember that 21st Century Oncology had a slew of serious problems going back to 2013 including a rogue employee-related breach that they were alerted to by law enforcement, and litigation under the False Claims Act that resulted in them paying $34.7 million for billing for medically unnecessary tests. But of note, in…
Category: Health Data
mHealth Apps Expose Millions to Cyberattacks
Becky Bracken reports: Some 23 million mobile health (mHealth) application users are exposed to application programming interface (API) attacks that could expose sensitive information, according to researchers. Generally speaking, APIs are an intermediary between applications that defines how they can talk to one another and allowing them to swap information. Researcher Alissa Knight with Approov…
The Netherlands: 440,000 EUR fine for hospital for inadequate authentication and logging
Demi Rietveld and Richard van Schaik of DLA Piper write: The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA”) has published its decision to impose an administrative fine of EUR 440,000 on Amsterdam hospital OLVG due to the lack of sufficient measures to prevent access to medical records by unauthorised personnel. After complaints, the Dutch…
After hackers blackmailed their clients, Finnish therapy firm declares bankruptcy
Graham Cluley reports: Vastaamo, the Finnish psychotherapy practice that covered up a horrific security breach which resulted in patients receiving blackmail threats, has declared itself bankrupt. Read more on Hot for Security.
TX: Threat actors dump patient files from Nocona General Hospital
On February 3, Conti threat actors added Nocona General Hospital in Texas to their leak site, posting 20 files as proof that they had accessed the hospital’s files. Many of the files contained patient records from 2018, and appeared to be pdf scans or doc files. They did not appear to be records from any…
FR: The Dax hospital center targeted by a large-scale cyber attack
AC reports (translation): The telephone lines did not ring at midday. It was impossible to reach the Dax hospital center, which was targeted on Tuesday, February 9 by a large-scale cyber attack. “Our teams are doing their utmost to restore the situation as soon as possible,” said the establishment on its Twitter account. A crisis meeting…