More than five months after discovering an attack that disrupted access to some of its IT systems, Kootenai Health is sending notification letters to 464,088 patients, employees, and employees’ dependents. Kootenai Health describes itself as providing a comprehensive range of medical services to patients in north Idaho, eastern Washington, Montana and the Inland Northwest at…
Category: U.S.
Surgery Center of Mid Florida notifies patients of February ransomware attack
On or about February 21, Surgery Center of Mid Florida (“SCOMF”) experienced a ransomware attack. No group has publicly claimed responsibility for the attack, but it originated with an attack on their now-former IT vendor. The attack on the unnamed vendor gave the attackers access to SCOMF. In August, SCOMF notified regulators, explaining, in part:…
Gramercy Surgery Center hacked; data leaked on dark web (1)
Gramercy Surgery Center (“Gramercy”) is an ambulatory surgery center with locations in Manhattan and Queens, New York. On or about July 15, the threat actor(s) known as Everest Team added Gramercy to its leak site. Everest claimed to have acquired more than 460 GB of files but offered only images of two old files as…
Betances Health Center hit by ransomware attack; sensitive patient data leaked
On July 12, threat actors known as Hunters International added Betances Health Center in New York to their leak site. On July 25, they leaked what they claim is almost 125 GB of information consisting of 361,564 files. Betances Health Center describes itself as offering a full range of primary care and preventive services, as…
Six U.S. hospital breach reports from July; some have flown under the media radar (1)
Although DataBreaches does not report on all incidents involving U.S. healthcare entities, a log is kept to calculate statistics for the annual Breach Barometer report produced by Protenus, Inc. For the month of July, DataBreaches noted the following six U.S. hospitals disclosed breaches or were claimed as victims by threat actors. Some of these incidents…
4.6 Million Voter and Election Documents Exposed Online by Technology Contractor
VpnMentor reports that researcher Jeremiah Fowler discovered 13 non-password-protected databases that contained 4.6 million documents, including voter records, ballots, multiple lists, and election-related records. Through his research, Fowler found that the data was owned by Platinum Technology Resource/Platinum Elections Services. Once I was reasonably sure who managed the database, I sent a responsible disclosure notice…