HHS has announced another Security Rule enforcement action. This one involves iHealth Solutions (dba Advantum Health), a business associate. The incident involved an unsecured server where protected health information of patients was exfiltrated. The iHealth incident had been discovered by Kromtech Security and was first reported by DataBreaches on May 9, 2017. On May 10,…
Category: U.S.
Sweetwater Union High School District now admits February outage was a hack, but still hasn’t answered questions
There’s an update to a report in February about an outage that wasn’t described at the time as a hack or ransomware attack. Laura Acevedo reports: The Sweetwater Union High School District has confirmed a hack was the cause of a days-long system outage at their facilities, saying the personal information of employees, students, and families…
NYC schools disclose student and staff information affected by MOVEit breach; National Student Clearinghouse silent on question of extortion payment
Jessica Gould reports: The New York City Department of Education estimates that the personal data of some 45,000 students was compromised as part of a breach involving the file transfer software MOVEit. Officials said the compromised data includes social security numbers, birth dates and certain student evaluations, though the specific types of data breached varies…
Four senior residences in Pennsylvania disclose a data security breach in April
Four senior residences have disclosed that they were the victims of a network intrusion in April that may have compromised residents’ personal and protected health information. Senior Choice, Inc., dba The Atrium in Johnstown, Beacon Ridge in Indiana, and The Patriot in Somerset reported an incident that occurred between April 18 and April 23. The…
Former Highmark employee accused of misusing customer info to steal money from their health savings accounts
Jillian Hartmann of WPXI reports on an insider-wrongdoing case that has affected 8 customers of Highmark Health: Allegheny County District Attorney’s office charged Zakayah Scott who worked remotely from South Carolina for Highmark Health. Authorities said Scott had access to customers’ personal information including birthdays, addresses and phone numbers. They said she called Highmark’s customer…
Hacker responsible for 2020 Twitter breach sentenced to prison
Zack Whittaker reports the update to the case of Joseph James O’Connor, a British national who was extradited to the U.S. from Spain and pleaded guilty in May: Three years after one of the most visible hacks in recent history played out in real-time in front of millions of Twitter users, one of the hackers responsible…