On January 3, the Native American Rehabilitation Association of the Northwest, Inc. (NARA NW) in Portland, Oregon announced that it experienced a cybersecurity incident November 4-5, 2019. The attack was described as a malware incident with Emotet malware injected when some employees fell for a phishing attack on November 4. The incident was recognized quickly…
Category: Health Data
Chinese tech companies still can’t stop medical data leaks
Eliza Gkritsi follows up on something previously reported on this site based on research by WizCase that they had shared with this site. WizCase subsequently updated their own post, here. Two security flaws at Chinese medical device operators put over 24 million patient records at risk in October. These medical data leaks reveal how cybersecurity practices…
Mercy Health Lorain Hospital Laboratory patients notified of HIPAA breach due to contractor invoice printing error
Although no actual or attempted access or misuse of patient or guarantor information has been discovered, RCM Enterprise Services, Inc. (“RCM”) is providing notice to certain individuals regarding an error in the invoice mailing process that caused individually identifiable information to appear in the clear address “window” on medical invoices. RCM provides patient billing services…
Hackers access Sask. eHealth system, demand ransom
Wayne Mantyka reports: Hackers made it through the first level of security for Saskatchewan’s eHealth records system this weekend, locking the government out of some systems. Jim Hornell with eHealth Saskatchewan told CTV News the hackers are demanding the government pay an unspecified ransom to get the system back under its control. Read more on…
What OPSEC? Member of “thedarkoverlord” allegedly used his personal details to set up hacking and extortion-related accounts.
In what seems like a mind-boggling OPSEC #FAIL, a U.K. man associated with thedarkoverlord allegedly used his real details to create bank accounts as well as to open email accounts, phone numbers, vpn, Twitter, and PayPal accounts that thedarkoverlord used as part of its operations to hack and extort victims. For a group that signed…
West Georgia Ambulance Company Pays $65,000 to Settle Allegations of Longstanding HIPAA Noncompliance
Are you surprised to see a settlement with HHS arising from an investigation that began when an entity reported a stolen laptop in 2013? Keep reading this notice from HHS to find an explanation: West Georgia Ambulance, Inc. (West Georgia), has agreed to pay $65,000 to the Office for Civil Rights (OCR) at the U.S….