I’ve had a lot of coverage of Advocate Health’s breaches over the past years that you can access here. Here’s is HHS’s announcement of the settlement of their charges: Advocate Health Care Network (Advocate) has agreed to a settlement with the U.S. Department of Health and Human Services, Office for Civil Rights (OCR), for multiple…
Category: Of Note
Extortion demand on Athens Orthopedic Clinic escalates as patient data is dumped
On June 26, DataBreaches.net reported that several databases with patient information had allegedly been hacked and put up for sale on the dark net by hackers calling themselves TheDarkOverlord (TDO). This site subsequently identified one of the entities as the Athens Orthopedic Clinic in Georgia, and contacted them to alert them that it appeared that…
Massive Cyber Attack at Banner Health Affects 3.7M Individuals
Rajiv Leventhal reports: Phoenix-based Banner Health, one of the largest healthcare systems in the U.S., announced on August 3 that it is notifying approximately 3.7 million individuals about a breach in which cyber attackers gained unauthorized access to computer systems that process payment card data at food and beverage outlets at certain Banner locations. The…
DHS Announces Cyber Incident Reporting Information: US-CERT
The United States Department of Homeland Security (DHS) has released guidelines and points of contact for reporting cyber incidents to the Federal Government. This communication follows the recent release of Presidential Policy Directive 41 (PPD-41)—United States Cyber Incident Coordination—which outlines how the Federal Government will handle cyber incidents. Users and administrators are encouraged to review these documents…
HHS seeks threat information sharing system for health sector
Amanda Ziadeh reports: The Department of Health and Human Services is looking to strengthen the privacy and security of health care information by sharing cyber threat data with partner agencies and stakeholders. HHS’ Office of the National Coordinator for Health Information Technology and the Assistant Secretary for Preparedness and Response released funding opportunities for an…
Prosthetic & Orthotic Care confirms hack by TheDarkOverlord
Another one of TheDarkOverlord’s targets has issued a statement about the hack and theft of their patient information. DataBreaches.net had identified this entity and first reported on the hack on July 9. Somewhat disturbingly, and as we have seen in other cases with the same parameters, Prosthetic & Orthotic Care (P&O Care) does not appear to…