Early yesterday, Change Healthcare reported that they were experiencing enterprise-wide connectivity issues. They didn’t call it a cyberattack at that point, but by mid-day, their status reports were indicating that they were experiencing “a network interruption related to a cyber security issue.” A few hours later, they added a statement, “Once we became aware of…
Category: Health Data
HHS’ Office for Civil Rights Settles Second Ever Ransomware Cyber-Attack for $40,000 and a Corrective Action Plan with OCR Monitoring
HHS OCR has announced a second enforcement settlement in a ransomware case. The 2019 breach involving Green Ridge Behavioral Health managed to fly mostly under the media radar at the time. DataBreaches was not even aware that it was a ransomware attack as when this site contacted Green Ridge back then to inquire about the…
Hack at Services Firm Hits 2.4 Million Eye Doctor Patients
Marianne Kolbasuk McGee reports: Medical Management Resource Group, which does business as American Vision Partners, works with – and “shares” a management system, IT and infrastructure with – 12 practices, according to its website. The incident involved the hack of a network server and affected more than 2.35 million individuals, the company said in a…
Data Breach Putative Class Action Questions Whether Broker Was Swift Enough in Notice and Response
Andrea DeField and Matthew J. Revis of Hunton Andrews Kurth write: While America was tuned into the big game, one California insurance broker faced its own treacherous showdown in the form of a putative class action filed on February 8, 2024 stemming from a data breach. With cyber incidents still on the rise, this is a story…
Grace Lutheran Communities attacked by BlackCat; employee and resident data acquired
Grace Lutheran Foundation, which does business as Grace Lutheran Communities in Wisconsin, offers a variety of services including rehabilitation services, assisted living, skilled nursing, independent living, adult day services, and childcare. On February 9, they posted a notice about a data breach they discovered on January 22, 2024. They emphasized that there was no indication…
Ukrainian man pleads guilty in cyberattack that temporarily disrupted major Vermont hospital
AP reports: A Ukrainian man has pleaded guilty to involvement in two separate malware schemes including a cyberattack at the University of Vermont Medical Center in 2020 that temporarily shut down some of its vital services and cost it tens of millions of dollars, according to the U.S. Department of Justice. Vyacheslav Igorevich Penchukov, also…