I was reading yet another press release about an incident involving protected health information. This one was from Independence Blue Cross in Philadelphia. Let me start by quoting the relevant part and then I’ll meet you on the other side: On May 8, 2020, the Independence Blue Cross Privacy Office was notified that certain member information…
Category: Health Data
One of Florida’s largest orthopedic providers faces class-action lawsuit after data breach
Is it possible to have a data breach and NOT get sued these days? It doesn’t seem so. Jackie Callaway reports: One of Florida’s largest orthopedic providers is facing a class-action lawsuit after hackers stole personal information from potentially thousands of patients. Attorney John Yanchunis of Morgan & Morgan filed the lawsuit against the Florida…
Misconfigured firewall resulted in LogBox data exposure and conflicting claims
Earlier this week, Jake Bright of TechCrunch reported that security researcher Anurag Sen had found an exposed database belonging to LogBox, a South African medical data app that allows patients to share information with their doctors more easily. According to TechCrunch’s report, the researcher had found an exposed database containing account access tokens for “thousands…
Hakbit ransomware campaign targeting specific European countries
Derek Kortepeter reports: Proofpoint researchers have published findings on a campaign involving the Hakbit ransomware. As their blog post states, the ransomware is being spread via spear-phishing emails targeted at individuals in “mid-level positions across the pharmaceutical, legal, financial, business service, retail, and healthcare sector.” The attacks, described as low-volume, are specifically targeting employees of organizations located in…
Grays Harbor County Hospital Settlement
Grays Harbor Community Hospital in Washington suffered a ransomware attack in 2019. Despite their best efforts, not all data was recoverable. And not surprisingly in our litigious society, a lawsuit was filed against it. According to a proposed settlement announced this week, the lawsuit claims that Grays Harbor was responsible for the Data Incident and…
Hackers obtain Covid-19 patient database in protest at treatment of Indian health workers
Joe Wallen reports: Hackers claim they have accessed the personal data of 80,000 Covid-19 patients in New Delhi stored on a local government website, in protest at the treatment of beleaguered healthcare workers. The Kerala Cyber Hackers group says it broke into the Delhi Government’s Delhi State Health Mission website in less than 10 minutes on Saturday night. Read…