On February 20, 2017, Atlantic Digestive Specialists (“ADS”) discovered that some of its systems were infected with ransomware. ADS removed the ransomware from the affected systems by February 22, 2017. ADS has been working diligently, with the assistance of third-party forensic investigators, to determine the full nature and scope of this incident. To date, the…
Category: U.S.
Iowa Veterans Home warns nearly 3,000 of data breach after phishing incident
In February 2017, Google and the State of Iowa were the target of multiple phishing email campaigns. The Office of the Chief Information Officer (OCIO) and the Iowa Veterans Home jointly responded and coordinated the recovery of the incident and worked together to implement additional measures to prevent a similar occurrence in the future. We…
RI: Lifespan notifying 20,000 patients after unencrypted laptop stolen from employee’s car
Lifespan is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice concerns an incident involving some of that information. To date, Lifespan has no indication that any patient information has been accessed or used by anyone as a result of this incident. Lifespan is investigating the theft of an employee’s…
Cleveland Metropolitan School District discloses phishing-related incident
Cleveland Metropolitan School District, (“CMSD”), recently discovered an event that that may affect the security of personal and financial information of a select group of employees, students, their guardians, and/or other affiliates of CMSD. What Happened? On March 6, 2017, CMSD determined that certain categories of employee, student, and/or guardian information contained in a limited…
PAUSD student data exposed in Schoolzilla data breach
So we’re beginning to learn a bit more about the Schoolzilla data breach that MacKeeper Security Research Center’s Chris Vickery reported yesterday. Chris had reported that 1.3 million students had their data in the misconfigured Amazon bucket, but he couldn’t be more specific as to where these students came from as he deleted the data…
No Business Associate Agreement? $31K Mistake
From HHS: The Center for Children’s Digestive Health (CCDH) has paid the U.S. Department of Health and Human Services (HHS) $31,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a corrective action plan. CCDH is a small, for-profit health care provider with…