A while back, I was shown some live-streaming of a pager system that was being used in what appeared to be a hospital environment, as the pages included room numbers, patient medication information, etc. Unable to figure out what entity or organization was responsible for the system and the exposure as pages flew by rapidly,…
Category: Of Note
GRIZZLY STEPPE – Russian Malicious Cyber Activity
Joint Analysis Report Reference Number: JAR-16-20296 December 29, 2016 Summary This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence…
Family & Sports Medicine center patient records remain inaccessible three months after ransomware attack
Add Desert Care Family & Sports Medicine in Casa Grande, Arizona to the list of health facilities who suffered a ransomware attack. But what happened to them has resulted in my updating my worst breaches of 2016 list. On December 20, the center notified HHS that 500 patients were being notified that their server had…
The Worst Health Data Breaches in 2016
It’s relatively easy to identify which were the biggest breaches involving health data that were disclosed in 2016, but which of the hundreds of breaches disclosed were the worst ones if you look beyond the numbers? As in past years, we learned of devices with sensitive unencrypted health information being stolen from vehicles, paper records were found where they…
Fairbanks Hospital notifies patients after discovering employees could have been inappropriately accessing patient records for years (UPDATED)
Fairbanks Hospital in Indianapolis is notifying an undisclosed number of patients that employees could have been accessing protected health information of patients since at least November 2013 (and possibly earlier). The information that was accessed included current and former patients’ social security numbers, contact information, diagnosis, treatment and health insurance. In a notification dated December 16, the hospital…
Data breach affects almost 400,000 Community Health Plan members (UPDATE2)
Bob Young reports: Almost 400,000 current and former members of the Community Health Plan of Washington have had personal information, including Social Security numbers, exposed in a data breach. The nonprofit, which provides health insurance through Medicaid in Washington, is sending letters to 381,534 individuals Wednesday notifying them of the invasion and steps they can…