Dec. 15 – Oak Cliff Orthopaedic Associates announced today an incident involving the theft of old business records from an off-site storage facility, which included in the material unauthorized access to certain personal protected health information from the years 2006 and 2007. The Lewisville Police Department ultimately recovered the boxes of stolen records. Oak Cliff Orthopaedic Associates…
Category: Health Data
Insider breaches dominate in Protenus’s November Breach Barometer
As in previous months, Protenus has summarized what kind of month November was for breaches involving health data. And as the November issue of Breach Barometer makes clear, insider/employee incidents outnumbered external attacks in a month where we first learned of 57 incidents – the largest number of monthly reports this year. One of the main explanations for…
Ca: Privacy breach affects 200 patient records at Hamilton doctor’s office
The Hamilton Spectator reports: Ontario’s former privacy commissioner is “enormously” concerned after the medical privacy of more than 200 patient records was breached within a Hamilton doctor’s office. The Hamilton Family Health Team — a nonprofit corporation that provides clinical and administrative assistance to 166 doctors — confirmed Tuesday that personal letters were sent out…
UK: TalkTalk hacker who blackmailed company chief during year-long cyber crime spree faces jail
While a 17 year-old teen got a rehabilitation order and had his phone confiscated for his role in the TalkTalk hack and other cybercrimes, 19 year-old Daniel Kelley is likely facing real jail time for his role in the TalkTalk hack and other crimes. Emily Pennink and Sam Russell recap the blackmail and other crimes Kelley admitted to at hearing,…
NJ family medicine practice notifying 4,277 patients after ransomware attack
Melissa Selke, MD, PC, a Family Medicine practice in New Jersey, issued a statement on December 2 concerning a hacking/ransomware incident. From the statement (.doc): On October 6, 2016, Dr. Selke discovered her information system had been infected with a virus that prohibited access to patient files. The integrity of the information system was immediately restored and…
Quest Diagnostics notifying 34,000 patients after hacker acquired PHI
Quest Diagnostics is notifying approximately 34,000 patients after their MyQuest patient was hacked and PHI was accessed and obtained. Quest reports that they became aware of the breach on November 28, and that the patient data included name, date of birth, lab results, and, in some instances, telephone numbers. The affected information did not include Social Security numbers, credit…