Region 8 reports: Participants’ data of St. Bernards Total Life Healthcare, Inc. was breached by a ransomware attack, according to a media release from HIPAA Privacy Officer Daya S. Shipman. PeakTPA, a healthcare management services provider, notified TLH on Jan. 23 of a breach on or about December 28, 2020. Read more on KAIT8. PeakTPA…
Category: U.S.
WI: 900 emails of COVID vaccination registrants accidentally shared in Walworth County
Lake Geneva Regional News reports: Over 900 emails belonging to those who registered for COVID-19 vaccines were accidentally shared with the public. On March 11, the Walworth County Department of Health & Human Services announced a breach of the Health Insurance Portability and Accountability Act (HIPAA) related to its vaccine registration process. Read more on…
NY: Buffalo Public Schools hit with ransomware event
WBEN in Buffalo reports: Remote classes were canceled Friday in Buffalo Public Schools. Superintendent Kriner Cash says the district was hit by a ransomware event. The district says the IT department immediately went into problem resolution mode reaching out to a number of expert colleagues and professionals who have had experience with these types of…
NY: Home care agency notifies more than 92,000 after ransomware attack
Back in January, Sodinokibi (REvil) threat actors added Preferred Home Care of New York to their dark web leak site. At the time, the threat actors did what they usually do — they posted a few screencaps as proof of access. The screencaps showed directories of folders and images of identity cards of people working…
Hackers Rushed in as Microsoft Raced to Avert Mass Cyber-Attack
Kartikay Mehrotra and Alyza Sebenius report that the timing of the attacks exploiting vulnerabilities in Microsoft Exchange right before Microsoft could push patches out has Microsoft considering whether there was some leak that alerted the hackers: Microsoft is now investigating the possibility of a leak that may have triggered these mass Exchange compromises ahead of…
Overseas Service Corporation notification of a breach
Another report we may not see on HHS’s public breach tool but that involves health information. This reads like it is a notification to employees based on the types of data involved, but it doesn’t actually say who the breach impacted. Overseas Service Corporation (“OSC”) announced today a phishing email incident that involved a small…