Seen on CloudSEK: CloudSEK’s contextual AI digital risk platform XVigil has discovered a post on an English speaking cybercrime forum, sharing a database of PHI-IIIT Delhi for Forum credits. A total of 82 Databases were compromised and leaked data. Read more at CloudSEK.
Category: Health Data
Discovery at Home notifies patients after phishing incident
Discovery at Home provides senior home healthcare services to seniors in Florida and Texas. On July 31, they issued a website notice about a phishing incident they discovered on June 1. As they describe it, the scheme resulted in the transmittal of personal health information to an unauthorized third-party sender. Elements of personal information that may…
Gallivan notifies University of Guelph students of Fortra breach 4 months later
Daniel Caudle reports: The provider of health, dental, and wellness benefits at the University of Guelph (U of G) has begun notifying students of a data breach which included access to personal information. A post on the Central Student Association’s website says Gallivan, the provider of those plans, began sending notifications via email this week. CTV News…
MHMR Authority of Brazos Valley provides notice of ransomware attack last November (1)
On December 22, 2022 DataBreaches added MHMR Authority of Brazos Valley to our non-public breach worksheet. Based on information at that time from Hive threat actors, it appeared that the non-profit Texas mental health and substance abuse treatment provider’s files had been locked on November 5. Their listing on Hive’s leak site was a sure…
The Chattanooga Heart Institute to notify 170,450 about March “data security incident”
In May, DataBreaches dutifully noted The Chattanooga Heart Institute (CHI) on our non-public worksheets. At the time, all we knew was that Karakurt threat actors had claimed to have attacked them and to have exfiltrated 158 GB of data. There was no proof of claim offered, but Karakurt wrote: Employees and patients’ private data will…
Centers for Medicare and Medicaid notifying 645,000 Medicare members about MOVEit breach (UPDATED)
Update: This incident was reported to HHS as affecting 1,362,470 patients. The Centers for Medicare and Medicaid (CMS) has posted a notice on its site about a data breach at one of its contractors, Maximus Federal Services, Inc. Maximus was one of hundreds of victims of a 0day attack on MOVEit file transfer software by the…