NewsNow reports: A company that offers psychotherapy to thousands of patients across Finland says it’s been the victim of a data breach, with the personal information of customers held for ransom. Vastaamo, which sees patients in 20 cities including Helsinki, Joensuu, Jyväskylä, Pori, Turku and Tampere, says “an unknown hostile party” got in touch with them…
Category: Health Data
IA: OCSD, KCSD report data security breach of student info at Medicaid billing service
Emily Hawk reports on what has the makings of a significant breach: A contractor used by the Oskaloosa Community School District and the Knoxville Community School District has experienced a data security incident that resulted in a breach of personal student information. Timberline Billing Services, Inc. provides Medicaid billing and reimbursement services to both districts,…
OSF Healthcare notifying patients of the Blackbaud incident
OSF HealthCare System (“OSF”) is mailing letters to its patients advising them of the Blackbaud ransomware incident that has already impacted more than 10 million other patients. OSF’s statement doesn’t reveal when Blackbaud first notified them, but they report that On August 20, 2020, OSF’s investigation and review of the Blackbaud database involved in the…
MI: Dickinson County Healthcare System responding to malware attack
Alyssa Jawor reports: The Dickinson County Healthcare System is in the process of a confidential investigation and recovery after the hospital had a ransomware attack on Saturday. A written statement provided to TV6, from the hospital says, ‘DCHS is in the process of responding to a recent security incident involving malicious software (commonly known in…
Passavant Memorial Homes Family of Services notifies 25,000 after someone alerts them to vulnerability
I’ve just read a breach notification from an incident that was reported to HHS as impacting 25,000. Reading it, it sounds like someone tried to tip the entity that they had a vulnerability and the tipster provided proof. But then their investigation couldn’t definitively prove that no data had ever been accessed or exfiltrated or…
Misconfigured cloud storage bucket exposed Pfizer drug safety-related reports — researchers
For lo, these many years, DataBreaches.net has been reminding everyone that not all leaks or breaches involving medical or sensitive personal health information are covered by HIPAA. Today’s story is a reminder of that. vpnMentor recently contacted DataBreaches.net about a leak their research team, led by Noam Rotem and Ran Locar, had discovered. The leak…