Eventus WholeHealth, PLLC (“Eventus”) provides integrated primary care and mental health services to medically vulnerable adults. In a press release issued this week, they disclose a breach involving protected health information. “On June 1, 2022, we observed suspicious activity associated with a single Eventus email account, despite multifactor authentication on the account.” Comment: That statement…
Category: Subcontractor
Ro says it ‘inadvertently’ exposed employees’ personal information
Zack Whittaker and Natasha Mascarenhas report: Healthcare unicorn Ro is notifying employees of a data exposure involving their personal information after a security contractor “inadvertently” uploaded a spreadsheet of employee data to the internet. In a data breach notice obtained by TechCrunch from an affected employee who received the notice this week, Ro said it…
Some Tufts community members’ health insurance information compromised in vaccine clinic data breach
Emily Thompson reports: Tufts announced in a Thursday evening email to the community that its vaccine clinic provider, Pelmeds, has experienced a data breach involving images of patients’ insurance cards. The number of Tufts community members affected by the breach is still unknown. Tufts has ended its contract with the company and postponed all previously…
Data Breach at Canadian Border Agency Contractor Involved up to 1.38 Million Licence Plates
The Canadian Press reports: The federal privacy watchdog says a data breach at a contractor for Canada’s border agency involved as many as 1.38 million licence plate images and associated information. In a report detailing its investigation, the privacy commissioner’s office cites inconsistencies in the way the Canada Border Services Agency managed licence plate information…
Wolfe Clinic notifies patients of Eye Care Leaders breach
I tweeted this yesterday, but probably should note it here too: When I saw Wolfe Clinic had reported a breach to HHS impacting 542,776 patients, I thought they had just updated their 500k figure from the ransomware attack by Lorenz last year. But it turned out that this was a new, and unrelated report due…
Scoop: VSS Medical Technology’s Terrible, Horrible, No Good, Very Bad Day
DataBreaches suspects that most readers would agree that getting hit by a ransomware gang qualifies your day as a very bad day. But how about getting hit by two different ransomware gangs on the same day? VSS Medical Technology and one of their companies, Sigmund Software, had what sounds like a terrible, horrible, no good,…