On March 29, WWMT in Michigan reported: Hacked and held for ransom by a computer virus, a doctor’s office in Battle Creek was forced to close its doors after, doctors said, they refused to pay and their entire system was wiped out. Dr. William Scalf told Newschannel 3 ransomware locked up the system at Brookside…
Category: U.S.
HHS security policies should focus on incentives, not penalties, health IT leaders say
Heather Landi reports: The federal government needs to provide more resources and incentives to help healthcare organizations better protect their IT systems and data from cyberattacks, according to health IT security leaders. Currently, the Department of Health and Human Services’ privacy and security standards are too focused on compliance and are unduly punitive to healthcare…
One month later, Taos Municipal Schools District still working to recover from ransomware attack
Jesse Moya has an update on the Taos Municipal Schools District ransomware incident that occurred on February 28. On March 22, we had reported that three weeks later, the district was still working on recovering from the attack. As of March 28, they have continued to make progress, but they have not totally restored everything…
Cyber attack at Newport schools didn’t expose student data
Jim T. Ryan reports: The Newport School District got a first-hand experience with internet security after computers were infected in February with a computer virus that came through email, according to Superintendent Ryan Neuhard. “All agencies are fighting against viruses,” he said, noting that cyber security has become a priority for everyone, including schools, businesses…
MO: Burrell Behavioral Health notified more than 67,000 patients whose ePHI were exposed by business associate
On March 29, Burrell Behavioral Health published a news release about an unnamed business associate accidentally exposing ePHI of more than 67,000 patients back in August, 2018. Burrell’s notification, reproduced below, does not indicate when the problem was first detected nor how they learned of it, but it was they who notified their business associate…
DePaul experienced phishing-related data breach, notified 902 health program clients (updated, corrected)
Correction of April 9, 2019: It appears that although DePaul reviewed 41,000 emails, they wound up needing to notify only 902 patients. Sarah Taddeo reports: Local housing and health provider DePaul experienced a data breach in February that exposed some clients’ sensitive information, the organization announced Friday. The incident was deemed a “phishing scam” — a hacking…