People have often asked me if I compile stats on the reports on my site. I haven’t, but am pleased to announce that I am now collaborating with Protenus to help them provide monthly stats for U.S. breaches involving health/medical data. You can read their first blog post on June incidents here. Here’s a snippet…
Category: Of Note
Circuit Upholds Nosal Conviction in Key CFAA Decision
Ross Todd reports: Ruling in a case that tested the boundaries of the Computer Fraud and Abuse Act, a divided panel of the U.S. Court of Appeals for the Ninth Circuit on Tuesday upheld the conviction of former Korn/Ferry International recruiter David Nosal. Circuit Judge M. Margaret McKeown found that Nosal had knowingly and intentionally…
Business Associate’s Failure to Safeguard Nursing Home Residents’ PHI Leads to $650,000 HIPAA Settlement
This works out to over $1570 per record. Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule after the theft of a CHCS mobile device compromised the protected health information (PHI) of hundreds of nursing…
Massachusetts General Hospital Dental Group notifies patients of Patterson FTP server incident
Back in February, this site reported that a Patterson Dental anonymous FTP server was leaking patient data, according to a security researcher who had discovered the problem and reported it to them and then this site. One of the entities, the Massachusetts General Hospital Dental Group, had patient data caught up in that leak, and…
TheDarkOverlord names the Farmington victim and releases data
One of the other up-for-sale health databases that DataBreaches.net reported on on Sunday was a facility in Farmington, Missouri. It was described as a “Healthcare Database (48,000 Patients) from Farmington, Missouri, United States.” Yesterday, after investigating the sample and other information, DataBreaches.net reached out to the Midwest Orthopedic Pain & Spine clinic owned by Dr….
Atlanta orthopedic group investigating whether they are TheDarkOverlord’s victim
On Sunday, DataBreaches.net reported on healthcare databases that are up for sale on the darknet in the RealDealMarket. The seller is “TheDarkOverlord,” who provided descriptions of the databases and samples, but did not name the victim entities. In a number of encrypted chats with the hacker since then, DataBreaches.net obtained additional information about the identity of…