The following press release is not the first press release we have seen from NHS Management, LLC, a business associate in Alabama. Coverage of a previous press release in January can be found on this site, here. Comparing the new press release, below, to the previous one, it appears that ongoing investigation revealed that the…
Search Results for: alabama
Unable to determine what files were accessed, Norwood Clinic notifies all 228,103 patients
Norwood Clinic in Birmingham, Alabama is notifying 228,103 patients of a hacking incident that left them unable to determine what, if anything, had been accessed. In a notification to the Maine Attorney General’s Office, the clinic’s external counsel reported that the breach began on September 20 and was discovered on October 22. The types of…
AL: NHS Management Discloses Incident from Last May
Sometimes, what looks like an update isn’t actually an update but an initial disclosure. On January 14, the following press release appeared about an Alabama entity. Neither the press release nor the notice on the entity’s website specifically identifies this as a ransomware incident. NHS Management, which manages 50 long-term care and rehabilitation facilities in…
UVA Health notified patients after Ciox Health data breach (updated)
Someone on Twitter asked me what the first breach of 2022 would be. The following public notice is not the first breach of 2022. It is a 2021 breach that just showed up after midnight in my news search this morning. And because it involves a third-party breach, we may see other covered entities affected,…
Under the media radar…
Here are just a few more breach reports that reveal medical or health information. The following may not be HIPAA-covered entities or may not show up on HHS’s public breach tool even if they are covered (because of the number impacted): Lion Street Financial in Texas recently notified the New Hampshire Attorney General’s Office about…
Mobile County Commission notifies employees of data breach; threat actors dump more data
WKRG reports an update to a ransomware attack on Mobile County that was previously reported in June after SuspectFile broke the story of Grief’s attack and claims. As previously addressed in statements published by Mobile-area media, Mobile County recently discovered suspicious activity related to some of its computer systems. We immediately shut down and launched…