The American Armed Forces Mutual Aid Association, a non-profit organization in Virginia that provides insurance and benefits services to the military community, is notifying 161,621 individuals of a hacking incident. On January 29, AAFMAA became aware of suspicious activity on its system. Their investigation revealed that an unauthorized party had first gained access to certain…
Category: U.S.
Some UPMC St. Margaret patients’ info shared with unauthorized organization by now-former employee
Paul J. Gough reports that an employee of UPMC St. Margaret was fired after they sent a record to an unidentified outside organization that contained patient information. A March 5th statement on UPMC’s web site reveals that on August 8, 2020, UPMC first became aware of the inappropriate disclosure of a medication administration report to an…
SC: Sandhills Medical Foundation notifies patients of vendor breach
Updated 3/6/2021: Sandhills reported this incident to Maine as impacting 39,602 patients, total. Original Post: Sandhills Medical Foundation has posted a notice of a data security incident on their web site, reproduced below. Based on the dates and description, it appears that this is the Netgain Technology LLC data breach that has previously been noted…
Idaho man charged with hacking into the computers of the City of Newnan and metro-Atlanta medical clinics
It appears that law enforcement has caught up with “Lifelock.” DataBreaches.net had reported exclusively on “Lifelock” back in April of 2018, and then again in June and July of 2018. At the time, I pointed out some of the striking similarities between “Lifelock” and “thedarkoverlord” (or the one I refer to as the first spokesperson…
CA: St. Agnes Medical Center patient data compromised in email breach at St. Alphonsus
Donald A. Promnitz reports: Saint Agnes Medical Center has experienced a cybersecurity incident that originated with a sister hospital in the Pacific Northwest. According to a media release from Saint Agnes, an employee of Oregon/Idaho-based Saint Alphonsus Health System had their email compromised by an unauthorized user. This individual used the employee’s account to send…
Spirit Airlines hit by Nefilim ransomware – Report
Marco De Felice reports: In these hours, the ransomware group Nefilim has published on the dark web a first part of data stolen from the American “ultra low cost” company Spirit Airlines. The first block contains over 40GB of data with over 33,000 files. Financial data, personal information of customers who purchased tickets to fly with…