Update 1: And now add Seacoast Pathology, (9,300 affected) to the 20,000 described in the original post below, and the approximately 21 million disclosed last month. Update 2 (July 21): And now add American Esoteric Laboratories (541,900), CBLPath, Inc. (148,900), and Natera (unspecified number) to the list and tally. Update 3 (July 22): And now…
Category: Health Data
Victims of AMCA’s breach allege AMCA not helpful enough in incident response
The other day, I wondered aloud whether there was anything the American Medical Collection Agency (Retrieval Masters) could have done after they were hacked to keep their big clients like Quest Diagnostics and LabCorp. An interesting report by Marianne Kolbasuk McGee on BankInfoSecurity suggests that there might have been. McGee reports that newly submitted court…
OH: Edgepark Medical Supplies notifying 6,572 patients after a “password spray attack”
It appears that RGH Enterprises, Inc., d/b/a Edgepark Medical Supplies, has had another HIPAA breach. The first time they came to this site’s attention was in January, 2014, when they disclosed a 2013 malware incident that had gone undetected for nine months and potentially impacted 4,230 patients. Then in January, 2018, they notified HHS and…
Wise Health notifies almost 36,000 after phishing attack compromised employees’ email accounts
Last week, I read a breach notification from Wise Health in Texas, and I duly noted it in my monthly worksheet. Not all incidents logged in my worksheet get reported on the blog, but I do include them in my monthly statistical analyses. Today, however, I see that Wise Health reported the incident to HHS…
PA: Software firm, health care provider accuse each other of theft
Nicholas Malfitano reports on a lawsuit in which a healthcare provider, Post Acute Medical, LLC (PAM), accuses the former owner and operator of its computerized records database, Christopher LeBlanc and Meridian Hospital Systems Corporation of Dallas, Texas, of illegally retaining its confidential patient data. The suit was filed in federal court for the Middle District…
University of Alabama warns of computer breach at Brewer-Porch center
Tuscaloosa News reports: The University of Alabama says a 2009 computer security incident involving a server for Brewer-Porch Children’s Center may have exposed some personal information for about 1,400 former clients, employees and medical providers. In June, staff preparing an old server for disposal discovered unauthorized login activity between Oct. 24, 2009, and Dec. 9,…