Cassandre Coyer reports: Health-care billing company Medical Billing Specialists Inc. didn’t appropriately monitor its computer systems, failing to notice a data breach exposing swaths of its clients’ patient data, a proposed class action said. The provider didn’t follow its contractual requirements with medical providers, nor “industry standards, common law, and representations” it made about its…
Category: Subcontractor
Business Associate breaches account for the largest percentage of breached patient records
As time permits, DataBreaches will take a deeper look at some of the findings reported in the Bluesight 2025 Breach Barometer. This post concerns business associates. In September 2016, DataBreaches.net published its first cumulative attempt to look at business associate breaches in the healthcare sector. At the time, HHS did not have any way to…
Bluesight’s 2025 Breach Barometer Report Reveals Surge in Healthcare Data Breaches
ALEXANDRIA, Va., Feb. 26, 2025 /PRNewswire/ — Bluesight, the leading provider of inventory management, procurement, and compliance solutions for health systems and hospital pharmacies, today released its 2025 Breach Barometer report. The report, featuring analysis from DataBreaches.net and Clearwater, examines data breaches over the past year affecting U.S. patient and health data, highlighting the growing challenges healthcare…
Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach
After the Medusa gang reportedly demanded a $2 million ransom from UK healthcare and community services provider HCRG Care Group, HCRG confirmed they had a breach and said they were investigating. But they did not confirm that patient data and employee was affected and they did not confirm that files had been encrypted. On February…
DISA Global Solutions reports more than 3.3 million people affected by 2024 data breach, but questions remain
On February 3, DataBreaches quoted a press release by BakerHostetler about a breach update from DISA Global Solutions that DISA had issued on January 23, 2025. BakerHostetler’s release was subsequently removed from their website, although a copy still currently exists at PublicNow. Of note, in their main takeaways section, BakerHostetler quoted DISA’s update and commented:…
Hundreds of Dutch medical records bought for pocket change at flea market
It’s been a while since DataBreaches posted a story about unerased drives with tons of sensitive information being purchased at a flea market or auction, but here we are again, and this time in the Netherlands. Connor Jones reports: Robert Polet, a 62-year-old techie and apparent bargain hunter from Breda, a city in the southern…