I’ve been reading some other sites’ coverage of the Pfizer leak that was discovered by vpnMentor and shared exclusively with DataBreaches.net. The incident involved a misconfigured cloud storage bucket that exposed hundreds of consumer/patient reports to Pfizer on a reporting line for drug safety concerns or other concerns. As such, it contained a lot of…
Category: Health Data
FI: Hackers hold patient information for ransom in psychotherapy data breach
NewsNow reports: A company that offers psychotherapy to thousands of patients across Finland says it’s been the victim of a data breach, with the personal information of customers held for ransom. Vastaamo, which sees patients in 20 cities including Helsinki, Joensuu, Jyväskylä, Pori, Turku and Tampere, says “an unknown hostile party” got in touch with them…
IA: OCSD, KCSD report data security breach of student info at Medicaid billing service
Emily Hawk reports on what has the makings of a significant breach: A contractor used by the Oskaloosa Community School District and the Knoxville Community School District has experienced a data security incident that resulted in a breach of personal student information. Timberline Billing Services, Inc. provides Medicaid billing and reimbursement services to both districts,…
OSF Healthcare notifying patients of the Blackbaud incident
OSF HealthCare System (“OSF”) is mailing letters to its patients advising them of the Blackbaud ransomware incident that has already impacted more than 10 million other patients. OSF’s statement doesn’t reveal when Blackbaud first notified them, but they report that On August 20, 2020, OSF’s investigation and review of the Blackbaud database involved in the…
MI: Dickinson County Healthcare System responding to malware attack
Alyssa Jawor reports: The Dickinson County Healthcare System is in the process of a confidential investigation and recovery after the hospital had a ransomware attack on Saturday. A written statement provided to TV6, from the hospital says, ‘DCHS is in the process of responding to a recent security incident involving malicious software (commonly known in…
Passavant Memorial Homes Family of Services notifies 25,000 after someone alerts them to vulnerability
I’ve just read a breach notification from an incident that was reported to HHS as impacting 25,000. Reading it, it sounds like someone tried to tip the entity that they had a vulnerability and the tipster provided proof. But then their investigation couldn’t definitively prove that no data had ever been accessed or exfiltrated or…