Advarra describes itself as providing integrated solutions to safeguard trial participants, empowering clinical sites, ensuring compliance, and optimizing research performance for thousands of sponsors, contract research organizations, institutions, academic medical centers, and research consortia that it services. On or about October 25, Advarra was hacked and data was exfiltrated. According to one of the people…
Category: Subcontractor
Hackers Accessed 632,000 Email Addresses at US Justice, Defense Departments
Ari Natter reports: A Russian-speaking hacking group obtained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice as part of the sprawling MOVEit hack last summer, according to a report on the wide-ranging attack obtained through a Freedom of Information Act request. The report, by the US…
South Australian health patients caught up in data breach of third-party platform Personify Care
ABC reports: Thousands of South Australian public health patients are being contacted over a data breach of a third-party run portal. The state government said “unintentional human error” by patient portal Personify Care allowed an “unauthorised third party” to delete a folder used to store patient documents uploaded to an online platform. Department of Health…
Cyber Attack Causing Service Interruptions At Ontario Hospitals
Meagan DeLaurier reports: An update on service interruptions at local hospitals. On Monday, it was reported that Windsor Regional Hospital, Hotel Dieu Grace, Erie Shores Healthcare, Hospice of Windsor-Essex and the Chatham-Kent Health Alliance were experiencing service interruptions, such as email service being down. An update provided on Monday evening by the hospitals affected states…
Cook County Health and Hospitals System terminates relationship with medical transcription service, notifying patients of breach
On September 24, Cook County Health and Hospitals System (CCH) in Illinois notified HHS of a breach. At the time, CCH reported that 500 patients were affected. The “500” entry is usually just a marker to indicate that the entity knows that they were required to notify HHS and individuals no later than 60 days…
Blackbaud settles breach probe by states for nearly $50M
Steven Ardary reports: A South Carolina software company has agreed to a multi-million dollar settlement for a 2020 ransomware event that exposed the personal information of millions of consumers in the United States. South Carolina Attorney General Alan Wilson announced that Blackbaud would pay $49.5 million to states settling allegations that the company violated state…