There’s a new leak site on the dark web this week, by an individual or individuals calling themself “DragonForce.” Most of the listings on the site are dated December 13 but appear to refer to attacks that were made previously. DataBreaches spotted two medical sector victims among the listings: Heart of Texas Behavioral Health Network…
Covenant Care patient and employee data being leaked by ransomware group
In November, Hunters International claimed that they had attacked Covenant Care. Since that time, they have been leaking what appears to be more and more patients’ protected health information (PHI) and employees’ personal information. Covenant Care operates services providing skilled nursing, residential care, therapy services, and home health care at 29 locations in California and…
Petersen Health Care allegedly a victim of a cyberattack, but not much is known at this point
On November 21, the Cactus ransomware gang added Petersen Health Care to its leak site. The listing has been updated since then. As proof of claims, Cactus leaked several screenshots of identity documents like passports. They did not indicate whether these were employee documents or patient-related documents, although it would be more likely if they…
MoD fined £350k over data breach that endangered lives of Afghan interpreters
Public Technology reports: The Ministry of Defence has been fined £350,000 over a data breach that divulged the identities of hundreds of Afghan nationals who worked for the UK government in Afghanistan. According to data watchdog the Information Commissioner’s Office, the incident allowed 245 recipients of an email about the evacuation of eligible people to…
UK: Severn Valley Medical Practice data breach leads to sacking
Joseph Broady reports: A staff member at a city GP surgery was sacked after lying about having appointments – resulting in a patient data breach. The data breach was confirmed by Severn Valley Medical Practice, which oversees the Henwick Halt Medical Centre in St John’s and the Lyppard Grange Medical Centre in Warndon. A letter was sent by…
AHA opposes HHS’ plan for cybersecurity fines
Naomi Diaz reports: The American Hospital Association said HHS’ plan to levy financial penalties in the event of a cyberattack on a healthcare organization would be counterproductive. In a Dec. 6 statement, the AHA said it is advocating for the HHS to review its proposal that requires healthcare organizations to be compliant with new cybersecurity requirements and…