Updated April 25: This incident was reported to HHS as impacting 197,661 patients. Original post: Here’s their press release. The release does not explain how the attacker(s) first gained access to certain servers in January. Was the infection intended to cover up the earlier activity? It’s not clear to me. Nor does the press release…
Search Results for: patient
Five months after disclosing a patient PHI breach involving employee email accounts, Metrocare discloses a second, identical, breach?
On April 5, Metrocare Services in Texas notified HHS that it was notifying 5,290 clients of a breach. A notice on their web site explains: On February 6, 2019, we learned an unauthorized third party gained access into some Metrocare employees’ email accounts beginning on January 2019. We immediately took steps to secure the accounts…
OH: Health Recovery Services notifying more than 20,000 patients after discovering unauthorized access that began in 2018
Health Recovery Services in Athens, Ohio, recently notified 20,485 patients after discovering in that an unauthorized IP address had accessed their network. The unauthorized access appears to have begun in November, 2018, and continued until the intrusion was discovered on February 5, 2019. Although investigation could not find any evidence that ePHI had been accessed,…
WA: RS Medical notifies patients because an attacker potentially had access to their information
On April 7, RS Medical disclosed an incident that had the potential to compromise patient information. A copy of the notification from the Vancouver, Washington entity, obtained by DataBreaches.net, indicates that the attacker may not have been particularly interested in patient information, though: The primary purpose of the breach, as determined by internal investigation, was…
Questcare Medical Services notifies North Texas patients of data security breach
Here’s a breach description that sounds a lot like the one I just posted from Dakota County, MN. Questcare Medical Services announced Friday that it is addressing a security incident that involved the personal information of patients in the Dallas/Fort Worth/Arlington area. Questcare said in a statement that it has begun an internal investigation, notified…
Patients at an Ohio rehab hospital were notified of breach. Was that breach part of a coordinated attack on Ernest Health hospitals?
Lauren Lindstrom reports: An undisclosed number of patients at the Rehabilitation Hospital of Northwest Ohio had their personal data compromised after “unauthorized access” to employee email accounts in October, hospital officials said. Patient data, including names, Social Security numbers, driver’s license information, dates of birth, and health insurance and patient care information, was contained in…