Sam Clancy reports: A 29-year-old woman who worked for a St. Louis County nursing home pleaded guilty to stealing credit card numbers from the home’s residents. Shaniece Borney pleaded guilty to a credit card fraud scheme while she worked at NHC Health Care in 2016 and 2017, a press release from the Department of Justice…
Category: Health Data
NY: Finger Lakes Health dealing with ransomware attack (Corrected)
WHEC reports that Finger Lakes Health is functioning the old-fashioned way while its computer system remains locked up by an unspecified type of ransomware: The agency said that an outside party is demanding payment to let it access its files. The agency was notified of the breach around midnight Sunday. Officials at Finger Lakes Health say…
IA: Primary Health Care notifies patients after discovering hack of employee email accounts
From their press release, issued yesterday: Primary Health Care Inc. (“PHC”) is providing notice of an incident that occurred at PHC and may affect the security of protected health information of certain PHC patients. While PHC is unaware of any actual or attempted misuse of the information, this notice contains details about the incident and…
DocuTrac medical software is a breach risk, warns Rapid7
Warwick Ashford reports on what seems to me to be yet another case of hard-coded credentials creating a critical vulnerability in protecting patient data, and I, of course, have questions. Ashford reports: The QuicDoc & Office Therapy suite of software produced by DocuTrac contains security vulnerabilities that could allow attackers to gain control of patient…
ATI Physical Therapy notifies patients of data breach
ATI Physical Therapy is notifying patients of a security incident that appears to have targeted employees’ email accounts. Here is their update of March 12, although I’m not sure when any previous notification may have been published (their newsroom does not show any prior notice on their site): About the data privacy event ATI Holdings,…
Owner says North Battleford store receiving private medical records via fax
If you harbored any hope that we might be done with breaches due to misdirected faxes, I hate to disillusion you, but Meaghan Craig and Thomas Piller report yet another example in Canada: The Saskatchewan Health Authority is looking into instances where confidential medical records were allegedly faxed to a computer store in North Battleford….