CORRECTION AND UPDATE: DataBreaches has been contacted by a spokesperson for Delaware Health Information Network who says that they were not the party responsible for this breach and this site should not have linked to them and should have linked to Delaware Health Net if they were the responsible party. DataBreaches checked the medical center’s…
Category: Subcontractor
HHS Office for Civil Rights Settles HIPAA Investigation with iHealth Solutions Regarding Disclosure of Protected Health Information on an Unsecured Server for $75,000
HHS has announced another Security Rule enforcement action. This one involves iHealth Solutions (dba Advantum Health), a business associate. The incident involved an unsecured server where protected health information of patients was exfiltrated. The iHealth incident had been discovered by Kromtech Security and was first reported by DataBreaches on May 9, 2017. On May 10,…
Oreo cookie maker says crooks gobbled up staff info
Jessica Lyons Hardcastle reports: Mondelez International has warned 51,000 of its past and present employees that their personal information has been stolen from a law firm hired by the Oreo and Ritz cracker giant. To be clear, the miscreants didn’t infiltrate Mondelez’s IT estate: they broke into Bryan Cave Leighton Paisner LLP‘s network. And as…
Ransomware Gang Haunted US Firms Long Before MOVEit Hack
Jamie Tarabay reports: Shell Plc, IAG SA’s British Airways, the British Broadcasting Corp., the state of Minnesota’s Department of Education, multiple federal agencies — they’re among the victims of the latest data breach launched by Clop, a Russian-speaking hacking group that’s attacking targets around the world in both the public and private sectors. The Clop gang, also known as…
16,000 Vermont health insurance customers affected by Fortra/GoAnywhere breach, more than previously known
DataBreaches continues to keep an eye out for reports on how the Fortra/GoAnywhere breach affected the healthcare sector. Here’s another report, this one by Tiffany Tan: The personal information of at least 16,000 Vermont health insurance customers was stolen in a cyberattack in January — more than twice the number originally reported. The affected people…
US Energy Dept gets two ransom notices as MOVEit hack claims more victims
Reuters reports: WASHINGTON: The U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and scientific education facility that were recently hit in a global hacking campaign, a spokesperson said on Friday. The DOE contractor Oak Ridge Associated Universities and the Waste Isolation Pilot Plant, the…