Martin Z. Braun reports: Municipal bond-financed facilities that treat cancer by proton radiation in Nashville and Knoxville, Tennessee reported an information technology “security incident” that has resulted in temporary but continuing disruptions to some clinical and financial operations, according to a Dec. 2 bond filing. Read more on Bloomberg Law (sub. req.). From the bond filing:…
Category: Health Data
Proposed settlement announced in Kalispell Regional Healthcare breach lawsuit
In October, 2019, Kalispell Regional Health suffered a phishing incident that impacted more than 100,000 patients. They were sued shortly thereafter. Today, a proposed settlement of the class action lawsuit was announced. The settlement has yet to be approved and the class hasn’t been certified yet for purposes of the suit. That is all scheduled…
Georgia dental practice discovers it was attacked by ransomware when the attackers call them on the phone
Well, this is a bit different from what I am used to reading. Galstan & Ward Family and Cosmetic Dentistry (Galstan & Ward) is a dental practice in Georgia. On September 9, 2020, they learned that they had been a victim of a ransomware attack — or an attempted attack — when they got a…
Thousands of US lab results and medical records spilled online after a security lapse
Zack Whittaker reports: NTreatment, a technology company that manages electronic health and patient records for doctors and psychiatrists, left thousands of sensitive health records exposed to the internet because one of its cloud servers wasn’t protected with a password. The cloud storage server was hosted on Microsoft Azure and contained 109,000 files, a large portion…
SC: McLeod Health notifying patients after breach of employee email account
From their notice on their web site: McLeod Health (“McLeod”) is committed to protecting the confidentiality and security of our patients’ information. Regrettably, we are addressing an email security incident that may involve some of that information. McLeod is currently reviewing the contents of an email account that was accessed by an unauthorized actor between…
Colorado mental health services provider reveals September attack impacted hundreds of thousands of clients and employees
It appears that AspenPointe, a Colorado provider of outpatient and inpatient crisis ,mental health, substance abuse, and behavioral services across the lifespan, is notifying employees and clients of a cyberattack that resulted in exfiltration of data. In a notice on their web site, which appears addressed more to employees than clients, they write: As you…