Chase Brexton Health Care in Maryland recently notified 16,562 patients after four employees fell for a phishing attack. The phishing emails were sent on August 2 and 3, and by August 4, the attackers had re-routed employees’ paychecks. Of note, there was no evidence that the attackers were seeking – or ever accessed or viewed –…
Category: Health Data
Laptop with Bassett Family Practice patient data stolen from employee’s car
Brian Carlton reports: The records from more than 500 patients at Bassett Family Practice were stolen in August, company officials say. On Friday, officials from the facility sent out letters to all of their patients, informing them what was included in the theft and what steps the medical practice is taking to prevent it from…
Ashland clinic notifies 1,600 patients after ransomware incident
News Tribune reports that a primary care clinic in Ashland, Missouri decided to pay ransom when patient data were encrypted by ransomware. The type of ransomware and amount of ransom was not disclosed: Namaste Health Care in Ashland is notifying about 1,600 patients its office experienced a security incident over the weekend of Aug. 12-13….
Advanced Spine & Pain Center Notifies 8,362 Patients After Two Possibly Unrelated Incidents
So this is a bit unusual. Advanced Spine & Pain Center in San Antonio notified its patients on September 25 following two concerning events that may or may not be related. The first involved some patients receiving phone calls asking them to pay outstanding balances. As part of investigating that incident, ASPC discovered that their server…
Former nurse convicted of stealing patient information, filing over $1M in fraudulent claims with IRS
Ashley White reports: Tangela Lawson-Brown was found guilty after a three-day federal trial in Tallahassee. The 41-year-old was convicted of wire fraud, theft of government funds, possession of unauthorized access devices and aggravated identity theft, according to a statement from the U.S. Attorney for the Northern District of Florida. Between October 2011 and December 2012, Lawson-Brown worked as a…
Cloudy with a chance of PHI leaks
Maybe we should do this one as a “write your own headline” exercise. Earlier this week, Kromtech Security reported that they had uncovered yet another improperly secured AWS S3 bucket that was exposing protected health information. The company that was responsible for the collection of the home monitoring data, Patient Home Monitoring, was exposing what…