Brittany Toolis reports: As if battling cancer isn’t hard enough, now patients at UW’s Fred Hutchinson Cancer Center are being extorted. Last month, the Cancer Center experienced a data breach, exposing data for an unknown number of patients. Some of those patients are getting emails threatening to leak their personal information if they don’t pay…
Category: Health Data
The Untold Story of a Massive Hack at HHS in Covid’s Early Days
Jordan Robertson and Riley Griffin report: On March 15, 2020, just days after the US declared a national emergency because of the Covid-19 pandemic, the computer network for the US Department of Health and Human Services briefly vanished from the internet. In public remarks the following day, HHS Secretary Alex Azar attributed the 10-minute outage to a cyberattack but…
HHS’ Office for Civil Rights Settles First Ever Phishing Cyber-Attack Investigation
Louisiana Medical Group settles after investigation reveals large cybersecurity breach affecting nearly 35,000 patients Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a settlement with Lafourche Medical Group, a Louisiana medical group specializing in emergency medicine, occupational medicine, and laboratory testing. The settlement resolves an investigation following a…
Data breach by Addenbrooke’s Hospital reveals patient information
Mariam Issimdar and Nikki Fox report: A hospital trust has apologized after private information on more than 22,000 patients was released in two breaches. The leaks – in 2020 and 2021 – concerned maternity and cancer patients at Addenbrooke’s Hospital, Cambridge. Roland Sinker, chief executive of Cambridge University Hospitals NHS Foundation Trust said the breaches…
Millions of patient scans and health records spilling online thanks to decades-old protocol bug
Carly Page reports: Thousands of exposed servers are spilling the medical records and personal health information of millions of patients due to security weaknesses in a decades-old industry standard designed for storing and sharing medical images, researchers have warned. This standard, known as Digital Imaging and Communications in Medicine, or DICOM for short, is the internationally…
CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)
CBIZ KA, a third-party vendor for Prime Healthcare (Prime), discovered a security incident involving CBIZ’s use of MOVEit Transfer software, which has recently reported a security vulnerability. Prime takes the responsibility of safeguarding your information very seriously, and while Prime systems were not involved in the incident, CBIZ KA uses MOVEit Transfer to securely transfer…