On March 19, this blog linked to a TechCrunch report about an improperly secured Meditab fax server that potentially allowed fax images with patient information to be accessed from an analytics portal. The exposure had been found by SpiderSilk, a cybersecurity firm in Dubai, who estimated that 6 million images were potentially accessible. The TechCrunch…
Category: Subcontractor
Accounting firm notifies clients affected by Citrix Shareful incident
In December, 2018, Citrix forced a password reset for some of its clients due to what appeared to be a credential stuffing attack against ShareFile. But did some customers first find out about it March? On April 16, external counsel for LD Evans, CPA provided notification that began; On March 4, 2019, LD Evans learned…
UK: Law Firm Launches $6.5 Million Action Against Ticketmaster Over Data Breach
Richard Smirke reports: A British law firm has launched a £5 million ($6.5 million) legal action against Ticketmaster following last year’s security breach, which is believed to have affected up to 40,000 U.K. customers. […] The U.K. arm of Ticketmaster detected a major security breach on June 23, 2018 when it identified malicious software on…
MO: Burrell Behavioral Health notified more than 67,000 patients whose ePHI were exposed by business associate
On March 29, Burrell Behavioral Health published a news release about an unnamed business associate accidentally exposing ePHI of more than 67,000 patients back in August, 2018. Burrell’s notification, reproduced below, does not indicate when the problem was first detected nor how they learned of it, but it was they who notified their business associate…
Lansing woman deals with data breach aftermath – but is it really from that breach??
WILX reports: About six months ago, a medical billing company was hacked and patients information was compromised. One Lansing woman says she’s still dealing with the aftermath. Joanne Fink says she’s getting calls from companies referencing her specific medical conditions. She believes it’s related to the data breach at Wolverine Solutions Group. Read more on…
24K Cremation Society of Pa. customers notified of possible loss of personal information
Steve Marroni reports: The personal information of more than 24,000 clients of the Cremation Society of Pennsylvania may have been compromised. While officials do not believe any identities have actually been stolen, the organization’s corporate headquarters notified 24,168 people about the possible breach and is offering them free identity protection and credit monitoring services, officials…