Like other journalists who cover data breaches in the healthcare space, I routinely check HHS’s public breach disclosure tool (sometimes called “The Wall of Shame”) to see what breaches have been reported to them and with what numbers. One of the recent entries was from a “Stephan C. Dean” who listed himself as a business…
Category: U.S.
SC: Bluffton Township Fire District systems attacked with ransomware
I had missed this ransomware incident report last week from Marah Brock: On March 15, the Bluffton Township Fire District’s electronic systems were hacked. Officials said in a press release that during the day personnel reported district-wide issues accessing server information, reporting systems and everyday computer programs. Read more on Fox28media. They do not report…
Ameren Missouri Equipment Supplier Targeted In Ransomware Attack
Shahla Farzan reports: Ransomware attackers have stolen data from a third-party vendor that supplies utility equipment to Ameren Missouri power plants. Dozens of data files from Ohio-based LTI Power Systems appeared on a ransomware server in late February, including equipment diagrams and schematics from two Ameren Missouri facilities. No customer information appears to have been…
University of Utah Health notifies patients of phishing attacks that began in January
The University of Utah Health is notifying patients whose protected health information was in some employees’ email accounts after they fell for a phishing attack. The following is a notice posted on their website March 20th: We are committed to protecting the confidentiality of our patients’ information. Regrettably, this notice is regarding an incident involving…
Oregon DHS notifies public of data breach
KTVZ reports: The Oregon Department of Human Services announced Friday that it uncovered a “phishing” incident on March 6 that affected one staff member’s e-mail. […] The security and confidentiality of private health information is critical to the Department of Human Services. While the department cannot confirm that any clients’ personal information was acquired from…
Golden Valley Health Centers notifies patients after employee email account comprised
From their press release earlier today: Golden Valley Health Centers has become aware of a data security incident that may have resulted in the inadvertent exposure of patients’ health information. Although at this time, there is no evidence that patient information was actually accessed or viewed, or any indication of anyone’s information being misused, Golden…