March 5. The U.S. Department of Health and Human Services (HHS) is aware that Change Healthcare – a unit of UnitedHealth Group (UHG) – was impacted by a cybersecurity incident in late February. HHS recognizes the impact this attack has had on health care operations across the country. HHS’ first priority is to help coordinate…
Category: Health Data
Update: Robert A. Purbeck, aka “Lifelock, to plead guilty in Atlanta
In 2018, a criminal hacker known as “Lifelock” reached out to DataBreaches to share details about two healthcare entities that had not met his ransom demands. These entities were a dental practice in Menlo Park, California, and the Holland Eye Surgery & Laser Center in Michigan. The latter case drew more attention from DataBreaches due…
Developing: AlphV allegedly scammed Change Healthcare and its own affiliate (1)
Developing: Someone claiming to be an “affiliate plus” for AlphV claims they were responsible for the Change Healthcare attack but that AlphV stole the payment Change Healthcare had made and suspended the affiliate’s account. The affiliate’s claims appeared on Ramp Forum and have been circulating since then. The post can be seen below, via @vx-underground:…
Three recent breach disclosures remind us how seldom timely breach notification is enforced under HITECH
Three recent data breach disclosures involving patient data all exceeded HIPAA’s 60-day deadline to notify HHS and individuals. Yakima Valley Radiology A breach involving the Washington state radiology service was added to Karakurt’s leak site in November 2023 with a listing claiming — without proof — that they had acquired 9.31 GB of files with financial…
Vastaamo victims’ lawyer: Some took their own lives after patient record leak
YLE News, STT report: Some patients from the Vastaamo psychotherapy centre had died by suicide after their patient records were stolen and used in extorition attempts, according to a lawyer representing victims. Legal arguments in the trial of Aleksanteri Kivimäki, who is accused of stealing the data and extorting victims, are scheduled to conclude next week….
Yes, Change Healthcare breach was us — BlackCat
Zack Whittaker reports that the ongoing cyberattack at Change Healthcare has been confirmed as a ransomware attack, with executives of the firm linking it to AlphV (BlackCat). Reuters was the first to report the claimed attribution to BlackCat, but until now, there has been no confirmation from BlackCat. Minutes ago, BlackCat informed DataBreaches that yes,…