One of the breach notices that showed up in routine searches this morning was from Associated Eye Care Partners, LLC (“AEC”). The first sentence of the notification letter was: We are contacting you to inform you of a data incident experienced by a third-party vendor for Associated Eye Care Partners, LLC (“AEC”). My mind…
Category: U.S.
Bits ‘n pieces, Saturday edition
The following are four more incident reports DataBreaches has noted. It is not yet clear whether some of them involve patient data or not. CAROLINA BEHAVIORAL HEALTH ALLIANCE in North Carolina has been notifying law enforcement, state regulators, and patients about a ransomware attack they detected on March 20, the day after it began. Covered…
NY: Mattituck School District targeted in ransomware attack Wednesday
Melissa Azofeifa and Joe Werkmeister report: The Mattituck-Cutchogue School District was the latest Long Island district to be the target of a ransomware attack. Superintendent Shawn Petretti issued a statement Friday saying an investigation into the attack is in its early stages. From the district’s statement: “On Wednesday, July 6, our school district became the…
WY: Former Employee Inappropriately Accessed Cheyenne Regional Medical Center Patient Health Records
Phoenixville Hospital was just one of two reports this week involving employees behaving badly by accessing patient files without a legitimate purpose. On July 6, Cheyenne Regional Medical Center in Wyoming revealed that a former employee had inappropriately accessed several patients’ personal health records between August 31, 2020, and May 26, 2022. In this case,…
PA: Phoenixville Hospital notifying patients after discovering improper EMR access by employee
Despite employers’ best efforts, some employees will just continue to try to snoop in patient files. This time, a covered entity discovered the wrongdoing via their own internal monitoring. Phoenixville Hospital, operated by Tower Health, reports that a recent review detected that an employee had accessed a patient’s electronic medical records (EMR) without any apparent…
Graff paid £6m ransom fee to Conti, now sues Travelers for refusing to reimburse
Sam Lewis reports: It has been revealed that high-end British jeweller Graff paid out a ransom fee topping £6 million in a well-publicised cyber attack last year. It emerged in November 2021 that Graff had been the target of Russian hackers who had gained possession of data pertaining to many of Graff’s high-profile customers. The incident is…