It seems that every week I hear from researchers who find patient data or medical data exposed. And I know some of them spend inordinate amounts of time trying to contact entities to get them to secure their unsecured sensitive data. Some of these researchers do this for no pay and no expectation or hope…
Category: Health Data
Mishandling of Veterans’ Sensitive Personal Information on VA Shared Network Drives — Audit by Veterans Affairs OIG
VA OIG 19-06125-218 | October 17, 2019 From the Executive Summary: The OIG team found that veterans’ sensitive personal information was left unprotected on two shared network drives, where it was accessible to VSO officers who did not represent those veterans. Senior Office of Information and Technology (OIT) representatives told the team that other authenticated…
Athens man sues local health agency for data breach
In April 2019, Health Recovery Services in Ohio disclosed a breach that had begun in November 2018 and had continued until February 5, 2019 when the intrusion was detected. In April, they claimed that although they had no evidence that any protected health information had been obtained, they couldn’t definitively rule it out. Now Conor…
Mission Health sends letter warning of website data breach spanning years
WLOS reports: A data breach on the Mission Health store website spanning years has many on edge across Western North Carolina and beyond. In a statement mailed to patients, Mission Health says they found a malicious code present on the store website that was sending the payment information to an unauthorized person. According to the…
TX: Hunt Memorial Hospital District notifies additional patients about May 2018 breach
Brad Kellar of the Herald-Banner reports: The Hunt Memorial Hospital District released an update regarding a criminal cyber attack which was discovered against the district earlier this year, warning more of the district’s patients may have been impacted. […] According to the release, the cyber attack occurred in May 2018 “during which hackers gained access…
UK: Patient’s private answerphone message became Devon hospital’s voicemail
Okay, this is a bit different as far as breaches go. Anita Merritt reports: A Devon hospital has apologised after a caller’s voicemail, containing personal patient details, became the hospital’s answerphone message for more than seven hours. During that time the caller was inundated with calls from patients giving details about their health problems believing…