Ugh. Fairchild Medical Center had a misconfigured server exposing PHI from December 16, 2015 until they were alerted to the problem in late July by an unnamed security company who discovered the exposure. Here’s their press release, below. Note that this does not (yet) appear on HHS’s breach tool. YREKA, Calif., Nov. 25, 2020 /PRNewswire/ — In…
PA: Part of Delaware County Computer System Down After Attacked By Hackers
Chad Pradelli and Cheryl Mettendorf report: Cybercriminals have attacked the Delaware County, Pennsylvania government network and taken it hostage. The criminals are demanding $500,000 to free it up. Sources told Action News, the cybercriminals gained control of the network on Saturday encrypting files, including police reports, payroll, purchasing, and other databases. Prosecution evidence, however, has…
UK: Concern as personal data of 284 diabetic patients breached at NHS Highland
Chris MacLennan reports: A data breach at NHS Highland has led to the personal information of 284 patients with diabetes being shared with more than 30 people. The error, which occurred on Tuesday November 17, led to the names, dates of births, contact information and hospital identification numbers of the patients being revealed. Read more…
Indiana justices agree to hear hospital records suit stemming from insider snooping case
Attempts to hold an entity liable for the wrongdoing of an employee has produced mixed results in the courts. Here’s a case in Indiana like that, below. As seen on The Indiana Lawyer: Justices last week granted transfer in the case of Community Health Network, Inc. v. Heather McKenzie, et al., 20S-CT-648. Heather McKenzie’s medical records…
Data Breach Cases: An Analysis of Standing and Best Causes of Action
Edward T. Kang writes: Despite the rules and security measures that many organizations put in place to protect the personal information of their clients or customers, sensitive information may still fall prey to hackers and other kinds of breaches. Those affected may seek counsel to aid in bringing suit to hold an entity liable for…
Is Rand McNally just routinely “upgrading systems” or are they dealing with an attack?
A notice on their web site says that Rand McNally is upgrading their systems: Oh really? Why didn’t their site just admit what they wrote in email: “Dear Valued Customer, Rand McNally recently discovered a disruption to certain portions of our computer network. We commenced an immediate investigation that included taking certain systems offline and…