On August 17, 2023, SysInformation Healthcare Services, LLC, d/b/a EqualizeRCM (“SysInformation”) notified HHS of a breach. The firm, a business associate that provides revenue and billing cycle management services, reported that 501 patients had been affected. That number is generally interpreted as a placeholder marker when the entity has not yet figured out the real…
Category: Subcontractor
Infosys McCamish Systems ransomware attack affected more than 6 million people
Infosys McCamish Systems (“IMS”) in Atlanta provides software and services to the life insurance industry. In October 2023, it was the victim of a ransomware attack that affected 6,078,263 people. As they explain in a notification to the Maine Attorney General’s Office, they were providing notification on their own behalf as a data owner and…
If the insider threat is at your vendor, could you discover it quickly?
Here’s today’s reminder of the insider threat. We start with a notice from Geisinger about a security incident involving Nuance Communications: Nuance Communications Inc., an outside vendor that provides information technology services for Geisinger, is notifying Geisinger patients that some personal information may have been accessed by a former Nuance employee. On Nov. 29, 2023,…
Cyber Attack on Synnovis Pathology Lab Traced to Longstanding Known Weaknesses at London Hospitals
Scott Ikeda writes: A cyber attack on London hospitals that has unfolded over the course of June has had a devastating impact on the city’s blood supply, and has caused hundreds of operations to be postponed. New reporting from Bloomberg indicates that the city’s hospitals have long known that Synnovis, the pathology lab at the center of…
Los Angeles USD confirms data stolen from a vendor (1)
On June 6, an individual calling themself “Satanic,” listed data for sale that was allegedly from the Los Angeles Unified School District. The listing, seeking $5,000.00 claimed to include 24 million student records and additional records from employees. At the time, DataBreaches did not post anything about the listing because inspection of the sample data…
Hacker Leaks Data of 33,000 Accenture Employees in Third-Party Breach (1)
Update: Accenture has questioned the truthfulness of the claims. See their statement below the original post. Waqas writes: A hacker is claiming to have extracted contact details of 33,000 current and former employees of the IT giant Accenture in a breach that involves a third-party firm. A hacker known as “888” has recently leaked a…