Ciara Phelan reports: A woman told of her shock after receiving two different medical files containing separate patients’ STI results and a mental health diagnosis. Rachel Healy, 38, from Co Cork, said she received a medical file via email on August 5 from Union Quay Medical Centre in Co Cork which was not hers. The file contained the…
Category: Health Data
Please stop hard-wiring AWS credentials in your code. Looking at you, uni COVID-19 track-and-test app makers
Thomas Claburn reports: Albion College has a plan for students to return safely to campus this fall amid the COVID-19 coronavirus pandemic. It involves being tracked by an app that, at least until a few days ago, appears to have been insecure. The Michigan institution announced its plan on July 28, which calls for testing coordinated by…
NC: Lawsuit: ‘Alarming’ data breach at Coastal Prep Academy exposed sensitive personal data
Benjamin Schachtman reports: According to a letter sent to parents by Coastal Preparatory Academy and a lawsuit filed in Superior Court, a former employee obtained extremely sensitive personal information about parents and students, including social security numbers, health and financial information, and employment records. The charter school has filed several civil actions to recover passwords,…
Report: “No Need to Hack When It’s Leaking:” GitHub Leaks of Protected Health Information
The message request showed up in my Twitter notifications: Hi There! 🙂 I see you have some experience in getting the right amount of attention for medicaid related data leaks. I have found admin credentials to some super sensitive medical billing processing system and get nothing but silence on all available contact channels and no…
Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack
Brian Krebs reports: R1 RCM Inc. [NASDAQ:RCM], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. Formerly known as Accretive Health Inc., Chicago-based R1 RCM brought in revenues of $1.18 billion in 2019. The company has more than 19,000 employees and contracts with at least 750 healthcare organizations nationwide. Read…
Medical records for cardiac patients left unsecured online
On August 2, a researcher contacted DataBreaches.net about a misconfigured Amazon s3 storage bucket they had discovered. The bucket contained more than 10,000 files, recently updated, with protected health information of patients seen by or involved with BioTel Heart cardiac data network. Sometimes it is easy to figure out the likely owner of an Amazon…