The Federal Trade Commission today announced it has finalized changes to the Health Breach Notification Rule (HBNR) that will strengthen and modernize the rule by clarifying its applicability to health apps and other similar technologies and expanding the information that covered entities must provide to consumers when notifying them of a breach of their health…
Category: Health Data
Unsecured Health Genie bucket exposed almost 450,000 files with patient data — Cybernews
It is disgraceful that there are so many huge data leaks involving sensitive personal data, and yet here we are again. Cybernews reports: Health Genie, a healthcare IT solutions provider, left an open instance, exposing patients’ personal details as well as sensitive clinical data. The India-based healthcare solutions provider left an open Amazon S3 bucket,…
LivaNova to notify U.S. patients of October 2023 ransomware incident (1)
A press release from medical technology firm LivaNova PLC indicates that patients of LivaNova U.S. are being notified of a breach first disclosed in November of 2023. An investigation at the time indicated that their systems were first accessed without authorization on or around October 26, 2023, but it was not until April 10, 2024…
Judge Advises Dismissal of CommonSpirit Breach Lawsuit
Marianne Kolbasuk McGee reports: A second federal judge has recommended the dismissal of a second proposed class action lawsuit against Catholic hospital chain CommonSpirit over a 2022 cyberattack and data breach that affected nearly 624,000 people. Both judges said the plaintiffs failed to show how they were harmed by the breach. U.S. Magistrate Judge Susan…
Kaiser to notify millions of a data breach after sharing patients’ data with advertisers
Zack Whittaker reports: U.S. health conglomerate Kaiser is notifying millions of current and former members of a data breach after confirming it shared patients’ information with third-party advertisers, including Google, Microsoft and X (formerly Twitter). In a statement shared wcith TechCrunch, Kaiser said that it conducted an investigation that found “certain online technologies, previously installed…
UnitedHealth paid ransom to bad actors, says patient data was compromised in Change Healthcare cyberattack (1)
Ashley Capoot reports: UnitedHealth Group on Monday said it paid ransom to cyberthreat actors to try and protect patient data, following the February cyberattack on its subsidiary Change Healthcare. The company also confirmed that files containing personal information were compromised in the breach. “This attack was conducted by malicious threat actors, and we continue to…