On November 11, 2024, Humboldt Independent Practice Association (Humboldt IPA) submitted a breach report to HHS that used a placeholder of 500 for the number of patients affected. All we knew from HHS’s entry was that it was some kind of hacking or IT incident involving protected health information located in email. The California entity’s…
Category: Subcontractor
UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack
Paige Minemyer reports: Change Healthcare now estimates that 190 million people were impacted in the massive cyberattack that took down its services nearly a year ago. UnitedHealth Group, Change’s parent company, said in a statement to Fierce Healthcare that the “vast majority” of people impacted have received an individual or substitute notice about the breach….
HCF Management healthcare facilities hit by ransomware attack; more than 70,000 patients affected
HCF Management manages a variety of healthcare facilities in Ohio and Pennsylvania, including assisted living, rehabilitation services, long-term care, and hospice services. They are a for-profit organization. On October 29, 2024, RansomHub added HCF Inc. to its leak site with a claim that they had exfiltrated 250 GB of files. Their listing did not specifically…
Toronto student information dating back to 1985 may have been accessed in PowerSchool cyber incident
Meredith Bond reports: Student information for those who attended Toronto District School Board as far back as 1985 may have been compromised by a cyber incident that happened in December 2024. On Jan. 8, the TDSB sent a letter to parents explaining the incident involving the PowerSchool software, which is used by many boards across…
DOJ confirms arrested US Army soldier is linked to AT&T and Verizon hacks
Zack Whittaker reports: U.S. prosecutors have formally linked the arrest of a serving U.S. Army soldier in December to a massive theft of U.S. phone records from AT&T and Verizon last year. Authorities arrested Cameron John Wagenius, a U.S. Army communications specialist, in Texas on December 20 following a brief two-page grand jury indictment accusing the U.S….
RIBridges has many lines of defense. How was the system breached?
This article by Alexander Castro originally appeared in Rhode Island Current on January 10, 2025 and is republished here under Creative Commons License. It was updated to replace several paragraphs in the “Slow Leak” section to include a response Deloitte sent the author post-publication. Rhode Island’s online public benefits system appears to be a fortress…