As of this morning, more than a dozen rehabilitation hospitals have disclosed a breach with unauthorized access to their systems between January 16 and February 4. The intrusion was discovered on February 1. The attack resulted in access to patient data that included names and at least one of “addresses, birth dates, medical record numbers,…
Category: Health Data
Grassley, Wyden Probe Data Breach that Exposed 1.5 Million Organ Transplant Patients’ Sensitive Data
AJ Taylor reports: Sens. Chuck Grassley (R-Iowa) and Ron Wyden (D-Ore.) are holding the United Network for Organ Sharing (UNOS) accountable after a data breach allowed UNOS system users unauthorized access to over a million sensitive patient records. This technology breakdown is the latest in a string of failures at UNOS, which for 40 years…
Commonwealth Healthcare Corporation breached, patient data involved
A new leaksite appeared this past week that appears to have been created for one particular incident. The notice begins: Dear Visitor of Commonwealth Healthcare Corporation LEAK website: We regret to inform you that Commonwealth Healthcare Corporation has experienced a complete data breach from its internal servers. This includes the data of all patients, medical…
OK: Emergency Medical Services Authority notifies patients of hacking incident
Terré Gables of KFOR reports: Emergency Medical Services Authority (“EMSA”) says, it has identified suspicious activity in its IT network and is mailing letters to patients whose information may have been involved. According to EMSA, on February 13, 2024, EMSA identified suspicious activity in its IT network. EMSA immediately initiated its incident response protocols, which involved…
American Renal Associates patients affected by ransomware attack
Marco A. De Felice reports: The American Renal Associates (now known as Innovative Renal Care), with over 230 locations across the United States, has become the latest victim in the clinical-hospital sector of a ransomware attack. Recently, the Medusa group has made thousands of PHI and PII data stolen from the company’s servers on March 2nd publicly available on…
AHA seeks guidance on reporting breaches linked to Change cyberattack
Naomi Diaz reports: The American Hospital Association sent a letter to the HHS urging them to clarify whether hospitals and health systems should be providing breach notification to patients if protected health information is compromised due to the Feb. 21 cyberattack on Change Healthcare. The March 21 letter, penned to Melanie Fontes Rainer, acting director of the…