VA OIG 19-06125-218 | October 17, 2019 From the Executive Summary: The OIG team found that veterans’ sensitive personal information was left unprotected on two shared network drives, where it was accessible to VSO officers who did not represent those veterans. Senior Office of Information and Technology (OIT) representatives told the team that other authenticated…
Category: Health Data
Athens man sues local health agency for data breach
In April 2019, Health Recovery Services in Ohio disclosed a breach that had begun in November 2018 and had continued until February 5, 2019 when the intrusion was detected. In April, they claimed that although they had no evidence that any protected health information had been obtained, they couldn’t definitively rule it out. Now Conor…
Mission Health sends letter warning of website data breach spanning years
WLOS reports: A data breach on the Mission Health store website spanning years has many on edge across Western North Carolina and beyond. In a statement mailed to patients, Mission Health says they found a malicious code present on the store website that was sending the payment information to an unauthorized person. According to the…
TX: Hunt Memorial Hospital District notifies additional patients about May 2018 breach
Brad Kellar of the Herald-Banner reports: The Hunt Memorial Hospital District released an update regarding a criminal cyber attack which was discovered against the district earlier this year, warning more of the district’s patients may have been impacted. […] According to the release, the cyber attack occurred in May 2018 “during which hackers gained access…
UK: Patient’s private answerphone message became Devon hospital’s voicemail
Okay, this is a bit different as far as breaches go. Anita Merritt reports: A Devon hospital has apologised after a caller’s voicemail, containing personal patient details, became the hospital’s answerphone message for more than seven hours. During that time the caller was inundated with calls from patients giving details about their health problems believing…
Philly health department website exposed names of thousands of people with hepatitis
Nathaniel Lash reports: A public-data tool built by the Philadelphia Department of Public Health to track the prevalence of hepatitis infections left individuals’ health records accessible, compromising the names, addresses, Social Security numbers, and intimate health records of thousands of people receiving medical care in Philadelphia. The department learned of the breach Friday when an…