Here’s today’s reminder of the insider threat. We start with a notice from Geisinger about a security incident involving Nuance Communications: Nuance Communications Inc., an outside vendor that provides information technology services for Geisinger, is notifying Geisinger patients that some personal information may have been accessed by a former Nuance employee. On Nov. 29, 2023,…
Category: Subcontractor
Cyber Attack on Synnovis Pathology Lab Traced to Longstanding Known Weaknesses at London Hospitals
Scott Ikeda writes: A cyber attack on London hospitals that has unfolded over the course of June has had a devastating impact on the city’s blood supply, and has caused hundreds of operations to be postponed. New reporting from Bloomberg indicates that the city’s hospitals have long known that Synnovis, the pathology lab at the center of…
Los Angeles USD confirms data stolen from a vendor (1)
On June 6, an individual calling themself “Satanic,” listed data for sale that was allegedly from the Los Angeles Unified School District. The listing, seeking $5,000.00 claimed to include 24 million student records and additional records from employees. At the time, DataBreaches did not post anything about the listing because inspection of the sample data…
Hacker Leaks Data of 33,000 Accenture Employees in Third-Party Breach (1)
Update: Accenture has questioned the truthfulness of the claims. See their statement below the original post. Waqas writes: A hacker is claiming to have extracted contact details of 33,000 current and former employees of the IT giant Accenture in a breach that involves a third-party firm. A hacker known as “888” has recently leaked a…
Ca: Innomar Strategies patients affected by a cyber attack
DataBreaches has previously reported some of the developing news concerning a cyberattack on Cencora/Lash Group. Our coverage focused on affected U.S. entities, but Canadian and UK entities were also affected. Wire News Fax reports: Medical and personal patient data from Innomar Strategies – a major Canadian pharmaceutical company – was stolen following an intrusion into…
Federal criminal investigation involving Perry Johnson & Associates data breach
The Perry Johnson & Associates (PJ&A) data breach was the biggest reported breach involving protected health information in 2023, with more than 13 million patients affected1. Now WBEZ in Chicago reports that there is a federal criminal investigation related to the breach at the medical transcription service. Federal authorities are conducting a criminal investigation into…