Here’s an incident involving St. Elizabeth Physicians that happened last month but just showed up on HHS’s public breach tool now. From their August 23 notice: On July 12, 2016 St. Elizabeth Physicians inadvertently released the email addresses of 674 individuals in an email sent by its Weight Management Center inviting the recipients to a…
Category: U.S.
Geisinger Health Plan notifies 2800 that processing error exposed their PHI to others
Geisinger Health Plan issued the following statement on September 12: DANVILLE, PA — In accordance with Geisinger Health System policy and applicable federal regulations, Geisinger Health Plan has notified approximately 2,800 members from 220 employers that some of their Protected Health Information (PHI) has been disclosed in an unauthorized manner. This disclosure does not affect Geisinger…
The Mystery of the Reappearing FTP server, Part 2
Earlier this week, in the context of discussing of how old and forgotten databases can come back to bite us in costly databreaches, I reported on a somewhat bizarre situation involving files belonging to a Pennsylvania dentist. I have since obtained more information on that situation, and thought I would update you all. Let’s start…
St. Francis Health System hacked: TheDarkOverlord? (UPDATE)
TheDarkOverlord, who had hacked and attempted to extort a number of medical clinics in May – June, has seemingly reappeared [see UPDATES below this post], and claims to have hacked St. Francis Health System in Oklahoma: Last week, we ransacked the web servers of Saint-Francis, a network of hospitals and clinics located in Tulsa, OK. We…
Trump’s campaign mute about data security #fail?
It may not be on the level of failing to adequately secure State Department communications, but it seems Donald Trump’s organization could use a refresher course on data security. And when it finishes that, it might want to tackle a course on transparency. On Sunday night, DataBreaches.net received an email from MacKeeper Security Research Center lead researcher Chris Vickery….
Computer Breach Could Have Exposed Trauma Victims to Further Anguish
Jim Dwyer provides additional details and commentary on a breach involving research participants’ data held by the New York State Psychiatric Institute. [The research participants] included, among others, schoolchildren directly exposed to the events of Sept. 11; Puerto Rican youth; severely emotional disturbed young people in Westchester County and their caretakers; people in the Bronx suffering…