Ross Todd reports: Ruling in a case that tested the boundaries of the Computer Fraud and Abuse Act, a divided panel of the U.S. Court of Appeals for the Ninth Circuit on Tuesday upheld the conviction of former Korn/Ferry International recruiter David Nosal. Circuit Judge M. Margaret McKeown found that Nosal had knowingly and intentionally…
Category: Of Note
Business Associate’s Failure to Safeguard Nursing Home Residents’ PHI Leads to $650,000 HIPAA Settlement
This works out to over $1570 per record. Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule after the theft of a CHCS mobile device compromised the protected health information (PHI) of hundreds of nursing…
Massachusetts General Hospital Dental Group notifies patients of Patterson FTP server incident
Back in February, this site reported that a Patterson Dental anonymous FTP server was leaking patient data, according to a security researcher who had discovered the problem and reported it to them and then this site. One of the entities, the Massachusetts General Hospital Dental Group, had patient data caught up in that leak, and…
TheDarkOverlord names the Farmington victim and releases data
One of the other up-for-sale health databases that DataBreaches.net reported on on Sunday was a facility in Farmington, Missouri. It was described as a “Healthcare Database (48,000 Patients) from Farmington, Missouri, United States.” Yesterday, after investigating the sample and other information, DataBreaches.net reached out to the Midwest Orthopedic Pain & Spine clinic owned by Dr….
Atlanta orthopedic group investigating whether they are TheDarkOverlord’s victim
On Sunday, DataBreaches.net reported on healthcare databases that are up for sale on the darknet in the RealDealMarket. The seller is “TheDarkOverlord,” who provided descriptions of the databases and samples, but did not name the victim entities. In a number of encrypted chats with the hacker since then, DataBreaches.net obtained additional information about the identity of…
264,000 and counting: Hack of EHR/EMR vendor leaves clients scrambling
What data security incident currently holds the undesirable status of 2016’s largest incident involving patient data that has been reported to HHS?* There’s a good chance you’ve never heard about it because the company has remained publicly mute. San Jose-based Bizmatics, Inc. designs and markets electronic health record and electronic medical records practice management software…