Nathaniel Lash reports: A public-data tool built by the Philadelphia Department of Public Health to track the prevalence of hepatitis infections left individuals’ health records accessible, compromising the names, addresses, Social Security numbers, and intimate health records of thousands of people receiving medical care in Philadelphia. The department learned of the breach Friday when an…
Category: Health Data
Monterey Health Center in Oregon, Central Valley Regional Center in California both announce patient data breaches
On August 12, 2019, Monterey Health Center in Oregon became aware that they had suffered a ransomware attack. According to a press release issued yesterday, they were able to restore patient data, and were able to rule out any data exfiltration, but were not able to rule out access to the patient data. The types…
UK: ‘I feel violated’ – Hospital sends personal details of 11 patients to wrong address
David Hannant reports: A disabled mother-of-two says she feels violated after personal details about her sent by her hospital were delivered to the wrong address. Cireena Read, of Northrepps, was distraught when she opened a letter from the Norfolk and Norwich University Hospital informing her of the error, which saw personal and medical details about…
LA: Magnolia Pediatrics notifying patients after attack on IT vendor resulted in ransomware infection
Ellyn Couvillion reports: A pediatrics practice in Prairieville is working with the FBI and has notified its patients’ families of a ransomware virus that in August attacked the computer network of the information technology company that provides IT services for the clinic. Read more on The Advocate.
Waitematā DHB sent private mental health notes to wrong patient, inquiry launched
Hannah Martin reports: A mother who requested her son’s medical records claims she was also sent “fully identifiable” mental health notes about another patient. The Auckland woman, who Stuff has chosen not to name for privacy reasons, said Waitematā District Health Board’s error was a “completely unacceptable” breach of patient privacy. Read more on Stuff.
IN: Methodist Hospitals notifies 68,039 after two employees fall for phishing attack
HealthIT Security also reports a breach at Methodist Hospital. There are many hospitals with “Methodist” in their name, so to be clear: this incident involved Methodist Hospitals in Indiana. Two employees of the Methodist Hospitals fell victim to phishing scams, which potentially compromised the data of about 68,039 patients. In June, officials said they detected…