News6 in Texas reports that United Regional Health Care System has disclosed an incident that occurred last July when someone accessed an employee email account. It was only in December that they first confirmed that patient information could have been accessed in the email account, even though there was no direct evidence that it had…
Category: U.S.
University of Washington Medicine patients file class action lawsuit over December 2018 leak
Amy Clancy has an update on a University of Washington Medicine breach that was disclosed in February 2019. The breach was a human error incident that resulted in more than 970,000 patients having their information exposed online for several weeks. Clancy reports that the breach has now led to a class-action lawsuit that could eventually…
Defense Information Systems Agency discloses breach
As posted by @bitsdigits on Twitter tonight: Just when you think the US Federal and Intelligence agencies were done being breached. This happens. DISA, the Defense Information Systems Administration has suffered a compromise of epic proportions. But here’s a notification for your troubles. The notification, dated February 11 and signed by Roger S. Greenwell,…
NY: Computer breach exposes Community Care Physicians patients’ info
Eric Anderson reports: A number of Community Care Physicians patients may have had their protected health information, date of birth, and insurance coverage exposed during a hack of computers at Albany-based accounting firm BST & Co. CPAs. Those affected were first notified by letter from BST on Tuesday. BST said the computer virus was active…
Protenus releases its analysis of 2019 health data breaches
Protenus’s 2020 BreachBarometer is now available for free downloading. From their highlights: Our analysis is based on 572 health data breaches reported to the U.S. Department of Health and Human Services (HHS), the media, or some other source during 2019 (Figure 1). As in years past, we do not have numbers for every incident in…
FL: NCH Healthcare (finally) sends breach notification letters for June, 2019 breach
In August, 2019, this site reported on an incident at NCH Healthcare in Florida. At the time, it was not clear whether patient data was impacted in the phishing incident. The entity had become aware of suspicious activity on June 14, but by mid-August, there was no report on HHS’s public breach or detailed disclosure….