On February 3, DataBreaches quoted a press release by BakerHostetler about a breach update from DISA Global Solutions that DISA had issued on January 23, 2025. BakerHostetler’s release was subsequently removed from their website, although a copy still currently exists at PublicNow. Of note, in their main takeaways section, BakerHostetler quoted DISA’s update and commented:…
Category: Subcontractor
Hundreds of Dutch medical records bought for pocket change at flea market
It’s been a while since DataBreaches posted a story about unerased drives with tons of sensitive information being purchased at a flea market or auction, but here we are again, and this time in the Netherlands. Connor Jones reports: Robert Polet, a 62-year-old techie and apparent bargain hunter from Breda, a city in the southern…
School board approves letter to AG for PowerSchool data breach
Caleb M. Soptelean, The Sanford Herald, N.C. reports: The Lee County Schools Board of Education has requested that the North Carolina Attorney General pursue legal action against PowerSchool over a nationwide data breach that occurred late last year. The school board voted unanimously to send a letter to the AG, which was requested by board…
Humboldt Independent Practice Association’s breach notification leaves questions unanswered
On November 11, 2024, Humboldt Independent Practice Association (Humboldt IPA) submitted a breach report to HHS that used a placeholder of 500 for the number of patients affected. All we knew from HHS’s entry was that it was some kind of hacking or IT incident involving protected health information located in email. The California entity’s…
UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack
Paige Minemyer reports: Change Healthcare now estimates that 190 million people were impacted in the massive cyberattack that took down its services nearly a year ago. UnitedHealth Group, Change’s parent company, said in a statement to Fierce Healthcare that the “vast majority” of people impacted have received an individual or substitute notice about the breach….
HCF Management healthcare facilities hit by ransomware attack; more than 70,000 patients affected
HCF Management manages a variety of healthcare facilities in Ohio and Pennsylvania, including assisted living, rehabilitation services, long-term care, and hospice services. They are a for-profit organization. On October 29, 2024, RansomHub added HCF Inc. to its leak site with a claim that they had exfiltrated 250 GB of files. Their listing did not specifically…