On July 17, DataBreaches reported that BlackCat had added the Beverly Hills Plastic Surgery (BHPS) to their dark web leak site. The June listing was updated to include photos that appeared to be proof of claims about their access to the clinic’s files. The doctors did not respond to DataBreaches’ inquiries in July, but on…
Category: Health Data
Ragnar_Locker leaks data from Israeli Medical Center
Mayanei Hayeshua Medical Center in Bnei Brak was hit by a cyberattack on August 7. Patient care was not disrupted for some things, but the ministry instructed that the center’s outpatient clinics and imaging centers not accept patients and that the public not go to its emergency room until further notice. A week later, the…
In: 320,000 Patient Records From Ayush Jharkhand Gov Leaked on Hacking Forum
CloudSek reports: On 14 August, CloudSEK’s contextual AI digital risk platform XVigil discovered a threat actor Tanaka sharing a database marked as bitsphere[.]in on an english speaking hacking forum. Analysis of the database reveals that the following information has been leaked: More than 3 lakh 20 thousand patient records containing their PII information and medical diagnosis. 500 login…
Update: Leak site with plastic surgery patients’ data and sexually explicit videos removed
In July, DataBreaches reported a data breach involving the plastic surgery practice of Gary Motykie, M.D. The incident, which appeared to be a hack with an extortion demand, had been reported to the Maine Attorney General’s Office, but an upset patient had also contacted NBC News in Los Angeles to reveal that a leak site…
Kudos to North Mississippi Health Services for fast detection and disruption of attack
Kudos to the North Mississippi Health Services for rapid detection and interruption of a phishing attack. In a website notice dated September 1, NMHS explains that on July 3, they discovered unauthorized access through an employee’s email account after a phishing email was unintentionally opened. “Our Security Operation Committee (SOC) promptly shut down the system,…
Indiana notifying Medicaid recipients of CareSource security breach
Carley Lanich reports: The protected health information of some Indiana Medicaid members may have been compromised in a recent security breach involving Ohio-based CareSource. Officials with the Indiana Family and Social Services Administration announced Friday that the breach of CareSource, a managed care entity, happened in late May and involved the personal information of more…