Insider breaches in healthcare know no national boundaries. From The Guardian: Health P.E.I. says the personal health information of 353 patients at the Queen Elizabeth Hospital in Charlottetown has been inappropriately viewed by a former hospital employee. Acting chief executive officer for Health P.E.I., Denise Lewis Fleming, confirmed the breach of patient records this morning….
Category: Health Data
RiverMend Health notifies 1,300 after employee’s email account compromised
Rivermend Health is notifying 1,300 patients who had information in an employee’s email account that was compromised. Rivermend detected suspicious activity from the account on August 10. Subsequent investigation determined that the account had been accessed beginning on or about July 27, and the access continued until August 11. Rivermend found no evidence that patient…
Chase Brexton Health Care notifies more than 16,000 patients after phishing incident
Chase Brexton Health Care in Maryland recently notified 16,562 patients after four employees fell for a phishing attack. The phishing emails were sent on August 2 and 3, and by August 4, the attackers had re-routed employees’ paychecks. Of note, there was no evidence that the attackers were seeking – or ever accessed or viewed –…
Laptop with Bassett Family Practice patient data stolen from employee’s car
Brian Carlton reports: The records from more than 500 patients at Bassett Family Practice were stolen in August, company officials say. On Friday, officials from the facility sent out letters to all of their patients, informing them what was included in the theft and what steps the medical practice is taking to prevent it from…
Ashland clinic notifies 1,600 patients after ransomware incident
News Tribune reports that a primary care clinic in Ashland, Missouri decided to pay ransom when patient data were encrypted by ransomware. The type of ransomware and amount of ransom was not disclosed: Namaste Health Care in Ashland is notifying about 1,600 patients its office experienced a security incident over the weekend of Aug. 12-13….
Advanced Spine & Pain Center Notifies 8,362 Patients After Two Possibly Unrelated Incidents
So this is a bit unusual. Advanced Spine & Pain Center in San Antonio notified its patients on September 25 following two concerning events that may or may not be related. The first involved some patients receiving phone calls asking them to pay outstanding balances. As part of investigating that incident, ASPC discovered that their server…