CloudSek reports: On 14 August, CloudSEK’s contextual AI digital risk platform XVigil discovered a threat actor Tanaka sharing a database marked as bitsphere[.]in on an english speaking hacking forum. Analysis of the database reveals that the following information has been leaked: More than 3 lakh 20 thousand patient records containing their PII information and medical diagnosis. 500 login…
Category: Health Data
Update: Leak site with plastic surgery patients’ data and sexually explicit videos removed
In July, DataBreaches reported a data breach involving the plastic surgery practice of Gary Motykie, M.D. The incident, which appeared to be a hack with an extortion demand, had been reported to the Maine Attorney General’s Office, but an upset patient had also contacted NBC News in Los Angeles to reveal that a leak site…
Kudos to North Mississippi Health Services for fast detection and disruption of attack
Kudos to the North Mississippi Health Services for rapid detection and interruption of a phishing attack. In a website notice dated September 1, NMHS explains that on July 3, they discovered unauthorized access through an employee’s email account after a phishing email was unintentionally opened. “Our Security Operation Committee (SOC) promptly shut down the system,…
Indiana notifying Medicaid recipients of CareSource security breach
Carley Lanich reports: The protected health information of some Indiana Medicaid members may have been compromised in a recent security breach involving Ohio-based CareSource. Officials with the Indiana Family and Social Services Administration announced Friday that the breach of CareSource, a managed care entity, happened in late May and involved the personal information of more…
NY: Carthage, Claxton-Hepburn hospitals target of cyber attack
WWNY reports: Two north country hospitals have been targeted in a cyber attack, but officials say there appears to be no breach of patient information. Officials say Carthage Area Hospital and Claxton Hepburn Medical Center in Ogdensburg discovered the incident Thursday at approximately 6 p.m. As a precaution, the emergency rooms at Carthage and Claxton…
HHS Security Risk Assessment Tool Version 3.4 and Webinars
From HHS OCR: The Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) at the U.S. Department of Health and Human Services (HHS) are hosting two webinars for the release of version 3.4 of the Security Risk Assessment (SRA) Tool. This tool is designed to aid small…