As some will likely have already noticed, Daixin Team released the second part of the data leak from five hospitals in Ontario that have IT services provided by TransForm SSO. The first leak, containing many patient records, was previously reported by DataBreaches on November 1. Skimming the second tranche, DataBreaches noted a lot of internal…
Category: Subcontractor
Okta hit by third-party data breach exposing employee information
Bill Toulas reports: Okta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached. Okta is a San Fransisco-based cloud identity and access management solutions provider whose Single Sign-On (SSO), multi-factor authentication (MFA), and API access management services are used by thousands of organizations worldwide….
SG: Healthcare institutions website outage did not disrupt critical service but it does shake confidence
Carmen Sin reports from Singapore: The websites of major public hospitals, polyclinics and healthcare clusters in Singapore could not be accessed for more than seven hours on Wednesday after they crashed at about 9.20am. Access was restored at about 4.30pm but, until then, users were unable to access the websites of Singapore General Hospital, Tan…
Exclusive: Advarra hacked, threat actors threatening to leak data (1)
Advarra describes itself as providing integrated solutions to safeguard trial participants, empowering clinical sites, ensuring compliance, and optimizing research performance for thousands of sponsors, contract research organizations, institutions, academic medical centers, and research consortia that it services. On or about October 25, Advarra was hacked and data was exfiltrated. According to one of the people…
Hackers Accessed 632,000 Email Addresses at US Justice, Defense Departments
Ari Natter reports: A Russian-speaking hacking group obtained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice as part of the sprawling MOVEit hack last summer, according to a report on the wide-ranging attack obtained through a Freedom of Information Act request. The report, by the US…
South Australian health patients caught up in data breach of third-party platform Personify Care
ABC reports: Thousands of South Australian public health patients are being contacted over a data breach of a third-party run portal. The state government said “unintentional human error” by patient portal Personify Care allowed an “unauthorised third party” to delete a folder used to store patient documents uploaded to an online platform. Department of Health…