At the PHI Protection Network conference last week, we spent a lot of time discussing the increasing rate of ransomware attacks. I asked a number of people whether they thought that ransomware attacks that (merely) locked up the data with no evidence of exfiltration had to be reported to HHS. I got a variety of…
Category: Health Data
Ontario hospital website may have infected visitors with ransomware, security firm says
Emily Chung reports: The website of an Ontario hospital may have infected the computers of patients and staff with ransomware planted on the site during a hack attack, the internet security company Malwarebytes warns. Norfolk General Hospital, located in Simcoe, Ont., confirms its website was hacked by cybercriminals, but denies that visitors were ever at risk. […] Jérôme Segura, a senior security researcher with Malwarebytes, reported in a blog…
Illinois Valley Podiatry Group warned 26,588 patients after contractor hacked (Update1)
So I had missed this item from the Journal Star on March 8th: The Illinois Valley Podiatry Group, 3322 W. Willow Knolls Drive, has announced that it has became aware of unauthorized access to its computer records, believed to have taken place last year. The names, addresses and Social Security numbers of patients may have…
IE: Patient documents must have ‘blown out of’ doctor’s hand
The Dundalk Democrat reports: Councillor Tomás Sharkey has hit out at the latest breach of patient privacy in Our Lady of Lourdes Hospital. “Last week patients and their families received calls from management of Our Lady of Lourdes Hospital. The call was to apologise for the fact that personal files, found in a public place…
Hackers Seek Ransom From Two More California Hospitals
Chad Terhune reports: Hackers demanded a ransom from two more Southern California hospitals last week and federal authorities are investigating the case. Prime Healthcare Services Inc., a fast-growing national hospital chain, said the attackers infiltrated computer servers on Friday at two of its California hospitals, Chino Valley Medical Center in Chino and Desert Valley Hospital…
NY: Treasure trove of Grand Street Medical Associates patient data exposed and indexed
Grand Street Medical Associates is a multi-disciplinary practice in Kingston, New York. At some point, what appears to be a vast amount of their patients’ protected health information was left exposed on an unsecured FTP server. The leak was discovered by a security researcher, who notified GSMA and then contacted DataBreaches.net on March 12. According…