Jessica Davis reports: The Department of Defense Health Agency (DHA) failed to consistently implement security measures to protect the systems that stored, processed, and transmitted electronic health record and patient information, according to a DoD Office of Inspector General report released this week. The report found DHA and Army officials didn’t enforce the use of Common…
Category: Health Data
Employees sacked, CEO fined in SingHealth security breach
Eileen Yu reports: Two employees have been sacked and five senior management executives, including the CEO, fined for their role in Singapore’s most serious security breach, which compromised personal data of 1.5 million SingHealth patients. Further enhancements also will be made to beef up the organisation’s cyber defence, in line with recommendations dished out by…
Member of Anonymous sentenced to 10 years’ prison over hospital DDoS
Nate Raymond reports that the Martin Gottesfeld has been sentenced to more than 10 years in prison and $443,000 in restitution for his DDoS attack on Boston Children’s Hospital and another facility in 2014. Gottesfeld had been convicted on August 1, and had shown no remorse for his actions. According to prosecutors, in late 2013,…
Privacy commissioner finds Health Prince Edward Island response to unauthorized hospital employee accessing patient files was reasonable
Ryan Ross reports: Health P.E.I.’s response to a privacy breach involving patient health records was reasonable, but steps could have been taken to prevent it, says P.E.I.’s privacy commissioner. In a report released in December, privacy commissioner Karen Rose reviewed the unauthorized access of electronic health records for 353 people, which she referred to as…
“Crafty Cockney,” associate of thedarkoverlord, fighting extradition to the U.S. after being charged with hacking, extorting, U.S. medical entities in 2016
Now THIS is very big news on thedarkoverlord front: Joseph Curtis reports that Nathan Wyatt, who was jailed on fraud charges in the U.K. but has been released from prison there, is now fighting extradition to the U.S. on charges he was involved with hacking and extorting U.S. medical entities as part of thedarkoverlord. This…
MI: Sacred Heart Rehabilitation Center notifies patients of phishing incident
Another day, another phishing report from a HIPAA-covered entity. This time, it’s Sacred Heart Rehabilitation Center in Michigan. The phishing attack itself occurred in early April. It’s not clear when the center first discovered the breach, but they only first discovered PHI was involved in November. The center’s release did not reveal numbers, and this is…