Kevin Collier reports: A major hospital chain has been hit by what appears to be one of the largest medical cyberattacks in United States history. Computer systems for Universal Health Services, which has more than 400 locations, primarily in the U.S., began to fail over the weekend, and some hospitals have had to resort to filing…
Category: Health Data
NY: Century Specialty Script notifying customers and patients after employee Office account compromised
Century Specialty Script, LLC (“Century”) is a specialty pharmacy in New York. Yesterday, it disclosed a data security incident potentially impacting protected health information. According to their press release, they do not know when it happened, but one employee’s Microsoft Office365 accounts was compromised. The intruder’s access was discovered on or about July 28, and…
Nebraska Medicine was victim of cyber attack
Kevin Westhues reports: Nebraska Medicine confirmed Thursday night that it was the victim of a cyber attack. The attack caused a significant downtime for its information technology system, leading to many postponed appointments throughout the week. The entity issued a statement on Thursday that says, in part: Earlier this week Nebraska Medicine experienced a significant…
Health Insurer Pays $6.85 Million to Settle Data Breach Affecting Over 10.4 Million People
HHS has announced another big settlement and corrective action plan. This one stems from a hack of Premera Blue Cross (PBC) in 2014 that went undetected until March of 2015. DataBreaches.net had covered this incident at the time and the follow-ups that included a class action lawsuit that settled, a settlement with state attorneys general,…
Interim Report on Blackbaud Breach: 5.6 million patients and counting…
Since our first interim report, DataBreaches.net has continued to compile reports that mention patient information that was disclosed to Blackbaud and that may have been accessed or exfiltrated by ransomware threat actors in the data breach discovered in May. Despite the criminals pinky-swearing that they wouldn’t misuse the data and would destroy it all in…
OH: Stark Summit Ambulance notified patients and employees of data breach
Ohio-based Stark Summit Ambulance has disclosed a data security incident impacting employees and patients. On May 28, 2020, the firm learned of unusual activity involving one Stark Summit Ambulance employee email account. Over the next few months, as they continued investigating, they discovered more employee email accounts that had been compromised. By the end of July,…