Here’s an incident involving St. Elizabeth Physicians that happened last month but just showed up on HHS’s public breach tool now. From their August 23 notice: On July 12, 2016 St. Elizabeth Physicians inadvertently released the email addresses of 674 individuals in an email sent by its Weight Management Center inviting the recipients to a…
Category: Health Data
Geisinger Health Plan notifies 2800 that processing error exposed their PHI to others
Geisinger Health Plan issued the following statement on September 12: DANVILLE, PA — In accordance with Geisinger Health System policy and applicable federal regulations, Geisinger Health Plan has notified approximately 2,800 members from 220 employers that some of their Protected Health Information (PHI) has been disclosed in an unauthorized manner. This disclosure does not affect Geisinger…
“Fancy Bear” Release More Confidential Athlete Data; WADA Confirms
Swimming World reports: The World Anti-Doping Agency (WADA) confirmed that another batch of confidential athlete information has been released by the cyber hackers known as “Fancy Bear.” The Agency originally announced a leak by the cyber hackers on September 13th, however this time the group released confidential data on 25 athletes from eight different countries. Ten athletes…
The Mystery of the Reappearing FTP server, Part 2
Earlier this week, in the context of discussing of how old and forgotten databases can come back to bite us in costly databreaches, I reported on a somewhat bizarre situation involving files belonging to a Pennsylvania dentist. I have since obtained more information on that situation, and thought I would update you all. Let’s start…
St. Francis Health System hacked: TheDarkOverlord? (UPDATE)
TheDarkOverlord, who had hacked and attempted to extort a number of medical clinics in May – June, has seemingly reappeared [see UPDATES below this post], and claims to have hacked St. Francis Health System in Oklahoma: Last week, we ransacked the web servers of Saint-Francis, a network of hospitals and clinics located in Tulsa, OK. We…
Computer Breach Could Have Exposed Trauma Victims to Further Anguish
Jim Dwyer provides additional details and commentary on a breach involving research participants’ data held by the New York State Psychiatric Institute. [The research participants] included, among others, schoolchildren directly exposed to the events of Sept. 11; Puerto Rican youth; severely emotional disturbed young people in Westchester County and their caretakers; people in the Bronx suffering…