Seen on their web site: On August 2, 2016, Harbin Clinic was notified by document storage facility Iron Mountain, Inc., that several boxes of medical records are unaccounted for and/or are missing or destroyed from their Atlanta facility. Harbin Clinic engaged the data safety warehouse to maintain the privacy of our patients’ records, as Iron Mountain…
Category: Subcontractor
OCR closes investigation of Bizmatics, Inc. breach
In doing some of my weekly investigating, I discovered that OCR seems to have closed its investigation into the Bizmatics, Inc. breach that affected an untold number of PrognoCIS customers and their patients. At last count, I think we knew about almost 300,000 patients that were notified of an incident where Bizmatics could not even…
Millennium Hotels & Resorts North America Informed of Potential Data Security Incident
The Secret Service alerts you, a vendor notifies you… do we really think this is just a “potential” data security incident? Their press release: Millennium Hotels & Resorts North America (MHR) has become aware of a data security incident involving food and beverage point of sale systems at 14 of its hotels in the United…
Four states’ fishing and hunting licensing sites hacked (update3)
The databases of four state wildlife sporting licensing sites have been hacked, according to an individual who claims to be the hacker. On Monday, an individual calling him/herself “Mr. High” posted the following on an AlphaBay forum: I just hacked four websites and reported the security holes. Two of these were government websites. All of these…
Newkirk Products, Inc. Provides Update to Notice of Data Breach
From Newkirk, notice that another health insurer was also affected by the previously reported breach: Newkirk Products, Inc. (“Newkirk”), a service provider that issues healthcare ID cards for health insurance plans, today provided an update on its previously announced cyber security incident. Symphonix Health Insurance, a client of DST Health Solutions, Inc., is also identified…
Athens Orthopedic Clinic incident response leaves patients in the dark and out of pocket for protection
On June 26, after learning that databases with patients’ protected health information had been put up for sale on the dark web, DataBreaches.net began investigating and trying to alert the victim entities so that they could take immediate steps to try to mitigate harm to patients. By that evening, I had sent an email to Athens Orthopedic…