Brian Kelley reports: The personal information of roughly 2,550 people was compromised by a “phishing” attack on the email account of an employee at Jefferson Healthcare, the organization announced Monday. The information stolen may have included the full names of individuals, as well as their dates of birth, phone numbers, home addresses, and health insurance…
Category: Health Data
“Without Undue Delay,” Part 2
If you follow the news on how lucrative ransomware attacks are, you have probably read how the Ryuk threat actors have made an estimated $150 million, and how Egregor threat actors are also doing a lot of damage. Neither group focuses solely on the healthcare sector, but recent reports by Check Point and Fortified Health…
TT: West Shore launches probe after technician’s post on PM’s health
Darlisa Ghouralal reports: West Shore Private Hospital has launched an investigation into an apparent breach of patient confidentiality following a post by a cardiac technologist regarding the medical care of Prime Minister Dr Keith Rowley. […] The post by the technologist, an employee of Cardiovascular Associates Limited (CVA) who is also a part-time independent contractor…
Leon Medical Centers issues statement about ransomware attack
Leon Medical Centers (LMC) in Florida has issued a press release about the ransomware attack it experienced, and that DataBreaches.net has reported previously. In our most recent report, we noted that Conti threat actors had dumped protected health information for numerous patients, while claiming that they still had more files from Leon that they would dump….
OCR Releases Report Summarizing HIPAA Privacy and Security Compliance Failures
Joseph J. Lazzarotti and Maya Atrakchi of JacksonLewis write: In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business associates for tackling HIPAA compliance as we enter the new…
Australian Digital Health Agency sees ‘inconsequential’ My Health Record data breach notices eroding trust
Ry Crozier reports: The Australian Digital Health Agency, overseer of the My Health Record, has expressed concern at the number and type of “potential” data breaches it is being forced to disclose. In a submission to the Privacy Act review [pdf], the agency (ADHA) asks for changes to the My Health Records Act under which…