Brian Krebs reports: MEDantex, a Kansas-based company that provides medical transcription services for hospitals, clinics and private physicians, took down its customer Web portal last week after being notified by KrebsOnSecurity that it was leaking sensitive patient medical records — apparently for thousands of physicians. On Friday, KrebsOnSecurity learned that the portion of MEDantex’s site…
Category: Health Data
New Orangeworm attack group targets the healthcare sector in the U.S., Europe, and Asia – Symantec
There’s a new report out from Symantec that is somewhat worrying. Symantec has identified a previously unknown group called Orangeworm that has been observed installing a custom backdoor called Trojan.Kwampirs within large international corporations that operate within the healthcare sector in the United States, Europe, and Asia. First identified in January 2015, Orangeworm has also…
Australia, your privacy has been breached — we reveal the biggest health data leaks
Sue Dunleavy reports: The sensitive health data of Australians is subject to a data breach every two days and the organisations and governments that fail to protect it are facing no financial penalties. As outrage builds over Facebook’s failure to protect privacy, a News Corp investigation has uncovered health data that shows if Australians have…
Illinois incorrectly mailed out personal information to more than 4,000 people
Bill Lukitsch reports: Personal financial and medical information of more than 4,000 people was mailed to the wrong addresses earlier this year, two state agencies announced Friday. “Notices containing personal information were mailed to 4,136 individuals at incorrect addresses,” a news release from the Illinois Department of Healthcare and Family Services and Department of Human…
MedWatch LLC notifies members whose protected health information was exposed on the internet
Florida-headquartered MedWatch, LLC is a care management company, providing risk management solutions to the self-funded health plan market. On or about April 13, they started notifying their clients’ health plan members after learning that a vendor misconfiguration error had exposed protected health information between October 20, 2017 and December 15, 2017. MedWatch did not name…
Polk County Health Services notifies mental health patients of breach that began in 2014
Polk County Health Services, Inc., in Iowa recently started notifying 1,071 patients seen at the Crisis Observation Center in Des Moines, Iowa between June 1, 2014 and January 11, 2018. According to a statement issued on April 13, Polk County Health Services, Inc. “accidentally and unknowingly disseminated” personal and protected health information for patients seen during that…