On February 26, Arizona Complete Health notified plan members of the Accellion breach. According to the notification (see below), the threat actors (who have since self-identified as CLOP) were able to “view or save” member information between January 7 and January 25, 2021. The types of ePHI involved included insured members’ name and one or…
Category: U.S.
FL: Leon County Schools website hacked during spring break
Karah Bailey reports: One of the last things parents might want their children to experience was the first and most noticeable thing on the Leon County Schools homepage this morning: hate speech highlighted in an orange banner for all who logged in to see. The post, with comments too offensive to repeat, has been taken…
Playing ‘Price is Right’-style game, GR doctors post operating room photos online
Susan Samples reports: Spectrum Health says it has launched an investigation after a group of doctors posted to Instagram photos taken in the operating room that show an organ from one patient and fibroid tissue from another. One picture showed a doctor posing with a length of fibrous tissue in his hand. It appeared the…
FDLE arrests mother and daughter for unauthorized access into hundreds of student accounts
Agents with the Florida Department of Law Enforcement today arrested Laura Rose Carroll, 50, and her daughter, 17, of Pensacola on one count each of offenses against users of computers, computer systems, computer networks, and electronic devices (a 3rd degree felony), unlawful use of a two-way communications device (a 3rd degree felony), criminal use of personally…
21 months after a ransomware attack, a business associate breach first shows up on HHS’s breach tool. Here’s why.
HIPAA Journal reports on an incident that is illustrative of the challenges entities may face in the wake of a ransomware attack — determining whether a breach is a reportable incident or not. It also illustrates what may happen if an entity decides something is not a reportable breach but further investigation by the U.S….
MI: Troy School District website down after hacking from outside U.S., leaders say
Mark Hicks reports: The Troy School District’s website is down after hackers posted discriminatory messages Monday, officials said. The hack was discovered in the afternoon, the district said on its Facebook page. “Hate speech and graffiti was posted on all of our district websites and the system’s internal messenger was used to send emails to…