On August 2, a researcher contacted DataBreaches.net about a misconfigured Amazon s3 storage bucket they had discovered. The bucket contained more than 10,000 files, recently updated, with protected health information of patients seen by or involved with BioTel Heart cardiac data network. Sometimes it is easy to figure out the likely owner of an Amazon…
Category: U.S.
Ad Industry Opposes FTC’s Proposed Security Regulations For Financial Institutions
Wendy Davis reports: The Federal Trade Commission’s proposed changes to security regulations for financial institutions could also affect a broad swath of non-financial companies — including ad agencies, social networks, lead generators and ad-tech companies — according to the Association of National Advertisers. The organization is urging the FTC to refrain from imposing a slate…
Imperial Valley College Hit With Ransomware Attack; Multiple Systems Impacted
Richard Montenegro Brown and Jayson Barniske report: Imperial Valley College releases a brief press statement with some additional information.) A ransomware attack unleashed on Imperial Valley College’s computer system on Aug. 6 brought down critical systems that remained offline and will likely continue until further notice, a college spokesperson confirmed. Read more on Calexico Chronicle.
Ashley County Medical Center investigates former employee accused of violating federal privacy laws
Gabrielle Phifer reports: Ashley County Medical Center is investigating a former employee they claim inappropriately viewed medical records of 772 patients. According to a release, ACMC’s policy and procedures revealed that a former employee, who has been identified as a nurse, accessed some patient information for purposes unrelated to care and treatment. Based on investigations…
Three more medical practices hit by ransomware
Atlanta does not seem to be a safe place for cybersecurity of orthopedic patients’ data. In 2016, orthopedic clinics in Atlanta got clobbered by two big breaches involving thedarkoverlord. The first was a hack and extortion demand on Athens Orthopedic Clinic, an organization that had more than a dozen locations but somehow didn’t have enough…
OH: Premier Health Partners Discloses Breach, but No Notifications to Patients Yet
Well, they know something happened, but they haven’t completed their identification of whom they need to notify yet, it seems. From a notice on Premier Health Partners‘ web site: Premier Health Partners (“Premier Health”) is providing notice of an incident that may impact the privacy of personal information for certain patients and clients of the…