Spring Hill Insider reports: Thousands of patients may have suffered delays to treatment after it was revealed that the NHS failed to deliver more than half a million sensitive documents to GPs. Test results from biopsies and patient treatment plans were among the thousands of official records that went missing between 2011 and 2016. Read…
Category: Of Note
How can we screw up incident response? Let me count the ways — Monday UK Edition
This week, DataBreaches.net was reminded yet again of the risks of trying to alert an entity to a breach. This time, it was not me who was threatened or any of the whitehat researchers I know. This week, it was a citizen who found patient records on the street in his town and undertook to…
Medical Devices Face January 14 D-Day
Medlaw reports: January 14, 2020, Microsoft will stop supporting Windows 7. So what? Well, if you are in the medical community, it could mean the choice between spending big money on updating the operating systems of your medical devices or facing the constant attacks of hackers with vulnerable, out-dated software. Some hospitals have updated medical…
Ransomware at Colorado IT Provider Affects 100+ Dental Offices
Brian Krebs reports: A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. Multiple sources affected say their IT provider, Englewood, Colo. based Complete Technology Solutions (CTS), was hacked, allowing a potent strain of ransomware known…
Hong Kong schools fall victim to cyberattack, raising fears for private data of pupils
Danny Mok reports: Hackers have broken into a government system used by most of Hong Kong’s schools, raising fears for the personal data of pupils, parents and staff. Eight schools operating a web-based administrative network that stores highly sensitive information were breached, with three of them reporting data leaks, the Education Bureau said on Friday…
NYC Health & Hospitals Corp. investigating alleged employee wrongdoing
NYC Health & Hospitals Corp. posted a notice this week (reproduced below) that suggests that a rogue employee may have been selling PHI to law firms or clinics that specialize in motor vehicle accident patients. Of note, this notice does not specify any one hospital where the employee worked. Did the employee have access to…