Nicole Leonard reports: A Pennsylvania judge has cleared the way for a $65 million settlement with Lehigh Valley Health Network in a data breach case that involved stolen medical records and nude photos of cancer patients, taken during exams, posted on the dark web by a Russian cybergang. At a hearing Friday in Lackawanna County Court, Senior…
Category: Health Data
Idaho man who hacked medical entities and made vile threats sentenced to 10 years in prison (1)
An Idaho man who worked as an Information Technology Specialist for Ada County by day has been sentenced to prison for hacking medical offices and threatening his victims if they didn’t pay his ransom demands. Background of the Case In July 2017, DataBreaches reported a hacking incident with a ransom demand where the description of…
Artificial intelligence and cybercrime: implications for individuals and the healthcare sector
Introduction: The malicious use of artificial intelligence has created new types of security threat for both individuals and the healthcare sector. Although artificial intelligence is a fundamental technology of our age, it has enabled the creation of new types of large-scale cyberthreat, and artificial intelligence-based cybercrime has grown rapidly worldwide. Medical data are a prime…
Still in the dark: A “500 marker” is updated, but too many still aren’t. Is HHS doing anything about this??
In March 2024, LockBit3.0 added Redwood Coast Regional Center (RCRC) to its leak site. On May 3, RCRC notified HHS of the March 6 incident, reporting that 500 patients had been affected. RCRC only recently updated that report to indicate that 24,937 patients were affected. On or about November 5, they began mailing out letters…
In the midst of restructuring, Guardian Healthcare hit by ransomware attack
A recent article on the cybersecurity risks posed by mergers and acquisitions begins: When companies merge, it creates significant cybersecurity challenges in two main ways: firstly, challenges arise in integrating disparate security infrastructures, and secondly, an M&A transaction brings together diverse organizational cultures which presents its own challenges from a cyber perspective. Yet the limited…
Class action ping pong: Dismissal of lawsuit against Chelan Douglas Health District reversed; case goes back to Superior Court
In July 2021, Chelan Douglas Health District in Washington experienced a data breach. They disclosed the breach to the public in March 2022, surprisingly patting themselves on the back for completing their investigation in 6-7 months. A number of media reports indicate that the breach reportedly affected almost 109,000 patients, but the breach was reported…