On March 14, DataBreaches.net reported that Advanced Urgent Care of the Florida Keys had been attacked, and patient data dumped. The data dump had been listed on a Russian-language forum known for data dumps, and the threat actor, then known as “m1x,” called the medical group “Malicious Defaulters” because they wouldn’t pay to prevent data…
Category: Health Data
Patients need to be notified sooner of ransomware dumps
In the past year, we have seen a significant increase in the use of dedicated leak sites where ransomware threat actors post the names of victims and dump some of their data to pressure them to pay demanded ransom. In the U.S., HIPAA gives covered entities no more than 60 days from discovery of a…
UVM Hospital Network Hit by Cyber Attack Restoring Services
NECN reports: Computer experts at the University of Vermont Medical Center are working to restore systems disabled in a cyberattack that have hurt the hospital’s ability to provide some cancer treatments. Officials are working to expand the capacity to provide chemotherapy at the UVM Medical Center in Burlington to seven days per week and three…
Ca: 2 hard drives and documents with personal health info left behind during MLHU move
CTV reports: The Middlesex-London Health Unit (MLHU) is defending itself over a privacy breach earlier this year when papers and two computer hard drives containing personal information and personal health information were left behind at its former headquarters on King Street. It happened during the move to its new location inside Citi Plaza in the…
Mayo Clinic faces lawsuit in breach of patients’ health records
Not surprisingly, Mayo Clinic is facing a lawsuit over an insider-wrongdoing (snooping) breach that was disclosed last month. Jim Spencer reports: Patients whose medical records were improperly accessed by a former Mayo Clinic employee are attempting to mount a class-action lawsuit against the health care provider for failing to protect their sensitive personal data. The…
UK: ‘Thousands’ of people could have had personal details in cyber attack on Sandicliffe car dealership
For what… about 14 years now… I have pointed out how many non-medical entities hold sensitive medical information on consumers that may get caught up in breaches. Today’s example is out of the U.K., where Phoebe Ram reports: The bank account details and medical histories of ‘possibly thousands’ of people were stolen during a cyber…