Yesterday, I reported that three unidentified patient databases had been put up for sale on the darknet on TheRealDeal market. I was subsequently able to have a chat with TheDarkOverlord (the hacker/seller) about the hacks and the refusal of the victims to pay the extortion demands. You can read more of what TheDarkOverlord shared with me…
Category: Health Data
Anyone know what healthcare facilities these are? 655,000 patient records up for sale on dark net (UPDATED)
Seen up for sale on a forum (I’m redacting the ads and samples): Healthcare Database (48,000 Patients) from Farmington, Missouri, United States This product is a considerably large database in plaintext from a healthcare organization in Farmington, Missouri, United States. It was retrieved from a Microsoft Access database within their internal network using readily available plaintext…
Mercy Medical Center Redding notifies patients after discovering NaviHealth case manager was working under a stolen identity
Typically, when an entity posts a link to a security breach notification on their web site, it’s a normal or small font. If you’re lucky, it’s positioned so that you stand a chance of spotting it immediately. But Mercy Medical Center Redding wanted to make sure they caught their patients’ attention with this graphic on…
Former ProMedica therapist convicted of illegally obtaining patient data
An update on a previously noted insider breach case. From NBC24: A former ProMedica respiratory therapist has been convicted in federal court of illegally obtaining health information while employed at Bay Park Hospital. A trial began against Jamie Knapp, 27, began on Monday in U.S. District Court in Toledo. The former ProMedica employee was tried…
UK: Confidential records of mentally ill patients found in cabinet bought on eBay
Another totally inexcusable and shameful privacy breach. Personal documents containing confidential details of mentally ill patients of the former Wolverhampton NHS Primary Care Trust were found in a filing cabinet bought on eBay. The cabinet contained 60 pages of documents including details of patients’ history of sexual abuse and suicide attempts. Read more on Express &…
VA: Former nurse charged with stealing patients’ personal information (updated)
BSomers reports that Capri Williams, formerly employed as a nurse at Commonwealth Primary Care, is facing federal charges of bank fraud and identity theft. She is scheduled for her first court appearance on Friday. The US Attorney’s Office said she used personal information from hundreds of patients to try and open new bank and credit accounts. In one case,…