Simon Sharwood reports: Japan’s minister for digital transformation and digital reform, Taro Kono, has apologized after a government app breached citizens’ privacy. The app is called the “Certificate Issuing Server” and, as explained by the municipal government of Kodaira City, allows residents to print documents such as certificates that prove they’ve paid taxes. Fujitsu Japan developed and…
Category: Subcontractor
A rough year: first a ransomware attack, then a credential stuffing attack affecting more than 1 million patients.
On April 28, NextGen submitted a breach notification to the Montana Attorney General’s Office. Thinking it would be a report linked to the ransomware attack by AlphV (BlackCat) in January, DataBreaches prepared to write an update. But it turned out that it was not that incident. It was a seemingly unrelated incident. NextGen, a business…
NY: Catholic Health patients may have fallen victim to data breach by a consultant’s employee
Evan Anstey reports: Some of Catholic Health’s long-term care residents may have fallen victim to a data breach that took place over the summer. The health organization says Minimum Data Set Consultants (MDS), a firm that provides consulting services to skilled nursing facilities, was the target of the breach. MDS started investigating this in March,…
Brightline continues notifying clients of GoAnywhere incident; count continues to rise (more than 1 million)
Updated May 3: When DataBreaches checked Clop’s leak site today, the listing for Brightline was gone. Whether this means that they paid Clop to get it removed, or if its removal is just temporary remains to be seen. But out of all the health-related Fortra clients this site reported on in April, the Brightline listing…
Data breach could affect up to 100,000 patients at Queensway Carleton Hospital
Elizabeth Payne reports: Health and personal information, home addresses and OHIP numbers of up to 100,000 patients at Queensway Carleton Hospital have been affected by a major data breach involving an Ottawa-based third-party software provider. The hospital sent out public notices of the breach Friday and is contacting patients individually. It has also notified the…
The Fortra/GoAnywhere breach also affected healthcare entities. Here’s what we know so far, Part 2.
More than two months after Fortra first began notifying clients that threat actors had exploited a vulnerability in GoAnywhere, many patients whose protected health information was stolen may still have no clue. In Part 1, we noted six entities that have disclosed the breach. Five of them are listed on Clop’s leak site with their…