Jordan Robertson and Riley Griffin report: On March 15, 2020, just days after the US declared a national emergency because of the Covid-19 pandemic, the computer network for the US Department of Health and Human Services briefly vanished from the internet. In public remarks the following day, HHS Secretary Alex Azar attributed the 10-minute outage to a cyberattack but…
Category: Health Data
HHS’ Office for Civil Rights Settles First Ever Phishing Cyber-Attack Investigation
Louisiana Medical Group settles after investigation reveals large cybersecurity breach affecting nearly 35,000 patients Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a settlement with Lafourche Medical Group, a Louisiana medical group specializing in emergency medicine, occupational medicine, and laboratory testing. The settlement resolves an investigation following a…
Data breach by Addenbrooke’s Hospital reveals patient information
Mariam Issimdar and Nikki Fox report: A hospital trust has apologized after private information on more than 22,000 patients was released in two breaches. The leaks – in 2020 and 2021 – concerned maternity and cancer patients at Addenbrooke’s Hospital, Cambridge. Roland Sinker, chief executive of Cambridge University Hospitals NHS Foundation Trust said the breaches…
Millions of patient scans and health records spilling online thanks to decades-old protocol bug
Carly Page reports: Thousands of exposed servers are spilling the medical records and personal health information of millions of patients due to security weaknesses in a decades-old industry standard designed for storing and sharing medical images, researchers have warned. This standard, known as Digital Imaging and Communications in Medicine, or DICOM for short, is the internationally…
CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)
CBIZ KA, a third-party vendor for Prime Healthcare (Prime), discovered a security incident involving CBIZ’s use of MOVEit Transfer software, which has recently reported a security vulnerability. Prime takes the responsibility of safeguarding your information very seriously, and while Prime systems were not involved in the incident, CBIZ KA uses MOVEit Transfer to securely transfer…
East River Medical Imaging notifies 605,809 patients of breach
East River Medical Imaging recently sent out notices to 605,809 patients concerning a breach in September. According to a patient notice posted on its website, on September 20, 2023, the New York medical practice identified suspicious activity within its IT network. We immediately initiated our incident response process, began an investigation with the assistance of…