Jonathan Greig reports: Hospitals and other healthcare businesses would be required to adopt minimum cybersecurity standards and face annual audits under new legislation introduced by two prominent senators on Thursday. The Health Infrastructure Security and Accountability Act, announced by Sens. Ron Wyden (D-OR) and Mark Warner (D-VA), would provide $1.3 billion for the Department of…
Category: Health Data
HHS Office for Civil Rights Settles Ransomware Cybersecurity Investigation for $250,000
The following is a press release from HHS OCR concerning a settlement stemming from a March 2017 ransomware attack experienced by Cascade Eye & Skin Centers in Washington. DataBreaches was not previously aware of this incident and can find no news coverage of it at the time nor any entry on HHS’s public breach tool…
AU: I-MED data breach exposes tens of thousands of patient files using details shared online for a year (1)
Cam Wilson reports: Tens of thousands of patients from Australia’s biggest medical imaging provider I-MED have had swaths of sensitive health and personal information exposed in a data breach using details that have been public for a year. This sounds like another case where a threat actor found credentials online. Crikey reports: In this case,…
Star Health sues Telegram after hacker uses app’s chatbots to leak data
Reuters reports: Star Health has sued Telegram and a self-styled hacker after Reuters reported that the hacker was using chatbots on the messaging app to leak personal data and medical reports of policy holders. The lawsuit comes amid growing scrutiny of Telegram globally and the arrest of its founder Pavel Durov in France last month,…
Hacker uses Telegram chatbots to leak data of top Indian insurer Star Health
Christopher Bing and Munsif Vengattil report: Stolen customer data including medical reports from India’s biggest health insurer, Star Health, is publicly accessible via chatbots on Telegram, just weeks after Telegram’s founder was accused of allowing the messenger app to facilitate crime. The purported creator of the chatbots told a security researcher, who alerted Reuters to…
UK: Data on nearly 1 million NHS patients leaked online following Qilin ransomware attack on London hospitals
Alexander Martin reports: People with symptoms of sensitive medical conditions, including cancer and sexually transmitted infections, are among almost a million individuals who had their personal information published online following a ransomware attack that disrupted NHS hospitals in London earlier this year, according to an analysis shared with Recorded Future News. The examination by CaseMatrix, a company…