As I commented this week: protected health information or medical information can be found in so many breaches involving entities that may not sound “medical” to you. Today, this site is posting two such notifications. Here’s the first. BLUE ASH, OHIO, September 24, 2021 – On July 27, 2021, Council on Aging of Southwestern Ohio (COA) experienced…
Category: U.S.
United Health Centers of San Joaquin Valley remains publicly silent after ransomware attack
Threat actors known as Vice Society have disclosed another attack on the healthcare sector. This time, the victim is United Health Centers of the San Joaquin Valley in California. Lawrence Abrams of BleepingComputer reports: On August 31st, BleepingComputer was told by a source in the cybersecurity industry that United Health Centers was reeling from a…
Ransomware disrupts services at Coos County Family Health Services in Berlin
John Koziol reports: For the second time this year, a North Country nonprofit organization based in the city has been hit by a ransomware attack. Hackers struck the Androscoggin Valley Regional Refuse Disposal District this spring, with the district paying an undisclosed amount to get its computer files back, while on Monday hackers targeted Coos…
Reports of ePHI breaches are everywhere, but not always were you might look
There are a number of journalists or sites that monitor news and legal notices for disclosures of breaches involving protected health information (PHI). And it’s tempting, when you see that the entity is a business, to just skip on by. But don’t. If a business has a health plan for employees, then they may be…
VA: Greensville County Public Schools hit by Grief threat actors
Grief threat actors have added another k-12 district to their list of victims who have refused to pay their ransom demands. Greensville County Public Schools in Emporia, Virginia was added to Grief’s dark web leak site on September 21. But by September 15, the district had already disclosed that they were dealing with a cyberware…
State-sponsored hacking group targets Port of Houston using Zoho zero-day
Catalin Cimpanu reports: A suspected state-sponsored hacking group has attempted to breach the network of the Port of Houston, one of the largest port authorities in the US, using a zero-day vulnerability in a Zoho user authentication appliance, CISA officials said in a Senate hearing today. Port officials said they successfully defended the attack, and “no…