In a post yesterday, I reported that protected health information and identity information of patients of Athens Orthopedic Clinic that had been leaked online by hackers remained available to anyone who knows where to look for it. Although it’s frustrating and understandably worrying to patients, I give AOC credit that they tried to find the leaks and plug them. I…
Category: Health Data
Locky Targets Hospitals In Massive Wave Of Ransomware Attacks
Tom Spring reports: A massive Locky ransomware campaign spotted this month targets primarily the healthcare sector and is delivered in phishing campaigns. The payload, researchers at FireEye said, is dropped via .DOCM attachments, which are macro-enabled Office 2007 Word documents. Especially hard hit are hospitals in the United States followed by Japan, Korea and Thailand, according to research…
Plaintiffs Cannot Bring Data Breach Lawsuits Without Evidence That Information Will Be Used To Harm
Every time there’s a big breach that has consumers or patients outraged, I see rumblings in the Comments section of posts about class-action lawsuits. An article by John Devine, Edward McAndrew, and Gregory Szewczy of Ballard Spahr about a recent opinion in District Court for the D.C. Circuit is a timely reminder of the uphill battle plaintiffs may…
P.E.I. MLA wants answers about privacy breach at care home
Ryan Ross reports: Health P.E.I. started an investigation into allegations of privacy breaches at the Margaret Stewart Ellis Home in O’Leary. Photos were posted on social media and the CBC reported last month the pictures included a headshot of one of the facility’s deceased residents. In addition, an employee had, over a period of…
Rotech Healthcare notifies patients whose details were found in possession of unauthorized individual
Rotech Healthcare Inc., a provider of home respiratory and medical equipment equipment and supplies, notified HHS of a breach involving 957 patients. Here is their notification: Rotech Healthcare Inc. (“Rotech”) would like to notify you of a recent incident that may affect the security of your personal and protected health information. We are providing you…
Athens Orthopedic Clinic patient data still exposed on leak site
DataBreaches.net discovered today that two copies of a paste (data dump) with over 860 AOC patients’ information is still available online if you know where to look for it. I’m providing a redacted screenshot below so patients can get a sense of what these pastes/leaks look like, although I’ve blacked out most of the street addresses, the…