In April 2023, Brightside Health, Inc. reported a breach to HHS that affected 767 patients. The incident was coded as “unauthorized access/disclosure” of information located in “EMR, other.” HHS’s closing statement on the public breach tool described the incident this way: The covered entity (CE), Brightside Health, reported that an unauthorized individual accessed the protected…
Category: Insider
Mass General Brigham fires two employees after patient data breach
Bryan Lambert reports: Mass General Brigham says some patients may have had personal information exposed after two employees allegedly allowed an unauthorized person access to private records. The hospital says on April 4 it was made aware of an incident where patients’ personal info, including name, address, medical record number, date of birth, email address,…
Ph: Arrested Data Security Officer Admits To Hacking 93 Websites
Mark Ernest Villeza reports: A data security officer of the Manila Bulletin has admitted to hacking approximately 93 websites, including government and private company websites, as well as servers based abroad. In an interview with ABS-CBN aired on June 24, the hacker with the alias “Kangkong” revealed that he left a specific picture on the compromised websites as…
Doctor charged for unauthorized access to personal information of pediatric patients at Texas Children’s Hospital
Is the following case an example of insider threat or it is a whistleblower situation — or both? The U.S. Attorney’s Office of Southern Texas issued the following press release on June 17: A Houston doctor has been indicted for obtaining protected individual health information for patients that were not under his care and without…
Insider threat: Months after being fired, former employee accessed company’s computer test system and deleted servers, causing it to lose S$918,000
CNA reports: Singapore: Upset that he was fired, an employee accessed his former company’s computer test systems and deleted 180 virtual servers, costing them about S$918,000 (US$678,000). Kandula Nagaraju, 39, was sentenced to two years and eight months’ jail on Monday (Jun 10) for one charge of unauthorised access to computer material. Another charge was…
Data breach involving two former Kalamazoo employees under criminal investigation
Here’s your occasional reminder about insider-wrongdoing breaches. Katie Sergent reports: City officials notified all staff of a data breach impacting about 250 current and former city employees, according to Kalamazoo Communications Manager Michael Smith in a statement to News Channel 3 Wednesday. The breach involved two former city employees, and was discovered on March 28…