Donald A. Promnitz reports: Saint Agnes Medical Center has experienced a cybersecurity incident that originated with a sister hospital in the Pacific Northwest. According to a media release from Saint Agnes, an employee of Oregon/Idaho-based Saint Alphonsus Health System had their email compromised by an unauthorized user. This individual used the employee’s account to send…
Category: Phishing
Court Upholds Insurers’ Denial of $6M Crime Claim for Phishing Loss
Andrew G. Simpson reports: Real estate software maker RealPage has been denied a $6 million computer crime insurance coverage claim because the stolen funds were not in its possession but were instead being held by a payment processing firm at the time of a phishing scheme. National Union Fire Insurance Co. (a unit of American…
Volunteers of America Chesapeake & Carolinas Notice of Security Incident
This morning’s reminder that it’s not just HIPAA covered entities or business associates that may be exposing your medical information to a breach. Volunteers of America Chesapeake & Carolinas (“VOACC”) announced today a phishing email incident that involved a small number of email accounts in its computer environment. The phishing email incident resulted in unauthorized access to…
OH: Fisher-Titus Medical Center notified patients; employee email account accessed last year
Brandon Addeo reports: The personal information of patients at Fisher-Titus Medical Center was compromised after an unknown person gained access to an employee’s email account. According to a notice from the Norwalk hospital, someone accessed an employee’s email between August 2020 and October 2020. That email account contained personal information including people’s full names, Social…
Sequoia Capital Suffers Data Breach
Dark Reading reports: Sequoia Capital last week warned investors that some of their personal and sensitive information may have been exposed in a recent data breach of the firm. According to reports, Sequoia said the data may have been accessed by a third party in the breach, which occurred as a result of a successful phishing attack on an employee via email….
CIS launches no-cost ransomware service for U.S. hospitals
Kat Jerich reports: The nonprofit Center for Internet Security announced this week that it had launched a no-cost ransomware protection service for private hospitals in the United States. The Malicious Domain Blocking and Reporting service, which is already available for public hospitals, health departments and healthcare organizations, uses Enterprise Threat Protector software from the cybersecurity…