As part of an ongoing investigation into the May 2023 data breach of Progress Software’s MOVEit Transfer software on the corporate network of Maximus Federal Services, Inc. (Maximus Federal Services), a contractor to the Medicare program, the Center for Medicare & Medicaid Services (CMS) has learned of additional individuals whose personally identifiable information (PII) may…
Category: Subcontractor
Was a recent OCR settlement fair? Maybe, but maybe not.
Sometimes you think you did a good job — and sometimes you actually did do a good job compared to everyone else — but someone comes along and says what you did wasn’t satisfactory at all. And when that “someone” is the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR),…
PJ&A data breach also affected millions of Northwell Health patients (1)
News12 on Long Island reports that the Perry Johnson & Associates (PJ&A) breach reported previously on this site has also affected Northwell Health, a major health system on Long Island. PJ&A is the same medical transcription service vendor whose breach affected 1.2 million patients of Cook County Health in Illinois. That health system was notified…
Southwestern Ontario hospitals will rebuild network from scratch amid fallout from cyberattack; more data leaked
CBC reports: All five southwestern Ontario hospitals impacted by a cyberattack just over two weeks ago will rebuild their networks from scratch, the hospitals say in an update Wednesday. But the hospitals also say the investigation into precisely whose data was taken in the attack is expected to take months. “Through our investigation we know…
Info from 5.6 million patient visits among data stolen in ransomware attack on Ontario hospital
Kathleen Saylors and Jennifer La Grassa report: A database containing information on 5.6 million patient visits to Bluewater Health and the social insurance numbers of as many as 1,446 Chatham-Kent Health Alliance employees are among the data taken in the ransomware attack on five southwestern Ontario hospitals, officials said in a lengthy update Monday. […] According to…
Update: Sensitive patient data leaked from TransForm ransomware incident; hospitals and centers affected
As predicted, Daixin has leaked the third part of the data they exfiltrated from TransForm and Canadian healthcare entities. DataBreaches reported the first leak when Daixin publicly claimed responsibility for the attack. The second leak followed two days later, and less than one day later, the third tranche dropped. As with the first two leaks,…