Chad Terhune reports: Hackers demanded a ransom from two more Southern California hospitals last week and federal authorities are investigating the case. Prime Healthcare Services Inc., a fast-growing national hospital chain, said the attackers infiltrated computer servers on Friday at two of its California hospitals, Chino Valley Medical Center in Chino and Desert Valley Hospital…
Category: Of Note
Three members of Syrian Electronic Army charged by feds
Three Syrian nationals, all current or former members of the Syrian Electronic Army (SEA), were charged with multiple conspiracies related to computer hacking, according to two criminal complaints unsealed today in the U.S. District Court of the Eastern District of Virginia. Ahmad Umar Agha, 22, known online as “The Pro,” and Firas Dardar, 27, known…
NY: Treasure trove of Grand Street Medical Associates patient data exposed and indexed
Grand Street Medical Associates is a multi-disciplinary practice in Kingston, New York. At some point, what appears to be a vast amount of their patients’ protected health information was left exposed on an unsecured FTP server. The leak was discovered by a security researcher, who notified GSMA and then contacted DataBreaches.net on March 12. According…
KY: Ransomware incident at Methodist Hospital in Henderson (update2)
On March 15, Jessica Gavin reported: A cyber security breach, striking Methodist Hospital in Henderson. We’re learning the FBI is investigating this right now, but there’s some good news. [….] David Park, COO of Methodist, tells 14 NEWS the hackers have copied patients records and locked those copies. They’ve deleted the originals. “We’ve notified the FBI,…
Featured Story: Henry Ford Healthcare System: creating a culture of privacy
Over the past decade of reporting on healthcare sector breaches, I can probably count on one hand the number of entities who have impressed me that they really “get” that responding to a privacy breach is not primarily about data or statutory notifications. It’s about addressing any distrust or anxiety patients may feel about you protecting their confidentiality, because…
Security researcher investigating Bangladesh central bank cyber-heist kidnapped? (UPDATED)
Researching and reporting on data breaches has always had some element of risk attached. You can get accused of hacking, or you can get threatened with litigation. In Brian Krebs’s case, you can find yourself swatted. Or in my case, you can get threatened with infection of HIV. But with the exception of swatting, the rest pales…