Katherine DeClerq reports: A Toronto hospital says that roughly 150 patients have been impacted by a data breach after a third-party employee allegedly stole medical reports in an effort to extort money from their company after being let go. According to a letter sent on Sept. 30 by a privacy and information access specialist at Unity…
Category: Health Data
MS: AAA Ambulance Service experienced ransomware attack
The Journal of Emergency Medical Services reports that AAA Ambulance Service in Mississippi was the target of an attempted ransomware attack over the summer. A notice posted on the ambulance service’s site explains that on or about July 1, they discovered an attempted attack, and took immediate steps to prevent the encryption of their systems…
University Hospital Limerick writing to 630 patients after alleged major data breach which saw information posted on Twitter
David Raleigh reports: University Hospital Limerick (UHL) is in the process of sending letters to over 600 patients following an alleged major data breach concerning patient data, including details of 95 children, which was then posted on social media. Gardaí have also been informed of the alleged breach by a non-HSE employee. It’s alleged the…
Clinical Trials Hit by Ransomware Attack on Health Tech Firm
Nicole Perlroth reports: A Philadelphia company that sells software used in hundreds of clinical trials, including the crash effort to develop tests, treatments and a vaccine for the coronavirus, was hit by a ransomware attack that has slowed some of those trials over the past two weeks. The attack on eResearchTechnology Inc., which has not…
New Jersey hospital paid ransomware gang $670K to prevent data leak
Lawrence Abrams reports: University Hospital New Jersey in Newark, New Jersey, paid a $670,000 ransomware demand this month to prevent the publishing of 240 GB of stolen data, including patient info. The attack on the hospital occurred in early September by a ransomware operation known as SunCrypt, who infiltrates a network, steals unencrypted files, and then…
Magnolia Pediatrics notifies patients of a security incident after OCR tells them it’s reportable
Almost one year after Magnolia Pediatrics notified 11,000 patients about a ransomware attack on an unnamed IT vendor, they are now notifying more than 12,000 patients of another attack. This time, they wound up firing their vendor. According to a notification on their web site, on March 26, the Magnolia Pediatrics discovered a security incident….