Sara Gregory reports: School crisis plans that detail the medical issues of dozens of Norfolk students and teachers were posted online last week for anyone to access. […] Larchmont Elementary School’s plans, for instance, list a student with autism and two students with mobility issues. St. Helena Elementary School lists 27 students who have either…
Category: Health Data
TX: MedSpring Urgent Care notifies 13,000 patients after phishing attack
As Protenus’s Q-2 report for health data breaches in the U.S. indicates, phishing continues to account for a significant percentage of reported breaches. Here’s another phishing incident recently disclosed to HHS that will be in Protenus’s Q-3 report as affecting 13,034 patients: July 20, 2018 At MedSpring Urgent Care (MedSpring), we take the privacy and…
Protenus 2018 Q2 Report: 3.14M Patient Records Breached As Patients Are Increasingly Anxious About Health Data Security
As regular readers know by now, DataBreaches.net compiles data from health data breaches in the U.S. for Protenus, Inc. For the past few years, Protenus published monthly statistics and analyses, but this year, shifted to a quarterly report with more analyses and some fascinating proprietary data. Here’s an example of what you’ll find in their…
Telemedicine company exposed data of more than 2 millions patients in Mexico
Another day, another exposed database due to misconfiguration of a MongoDB installation. Bob Diachenko found it and reports on it: On August 3rd, I have discovered that personal information of 2,373,764 patients from Mexico is publicly available through a misconfigured MongoDB instance. Data included such fields as: Full name and gender; CURP number (i.e. Personal…
St. Mary’s Hospital Campus in Jefferson City notifies 301,000 of limited PHI left behind in a 2014 move
And this is why I always wait to close out monthly stats in healthcare. The following incident just showed up on HHS’s public breach tool today as having been reported to them on July 30, and affecting 301,000 patients. St. Mary’s Hospital’s notice, below, indicates that the entity was not sure of the number affected. …
OpenEMR patches serious vulnerabilities uncovered by Project Insecurity
Everyone has their own definition of a good day. Mine includes preventing breaches of patient medical information. Today qualifies as a good day, thanks to Project Insecurity. OpenEMR is open source software for managing electronic medical records (EMR) and other practice management functions. According to Wikipedia, OpenEMR is one of the most popular free electronic medical…