I won’t have much time to update news over the next few days while I am in Washington DC for the Privacy and Security Forum, but I just couldn’t wait until I got back to share what I hope is encouraging news for some of you. I know that there are a number of young…
When Test Data is Not Test Data
Jeremiah Fowler of Security Discovery tackles a common problem researchers and journalists experience all too frequently: There is a growing trend among organizations and companies to simply deny that live production data is real. As a security researcher I often hear that everyone is a small start-up and all data is test data, or it…
TX: Hunt Memorial Hospital District notifies additional patients about May 2018 breach
Brad Kellar of the Herald-Banner reports: The Hunt Memorial Hospital District released an update regarding a criminal cyber attack which was discovered against the district earlier this year, warning more of the district’s patients may have been impacted. […] According to the release, the cyber attack occurred in May 2018 “during which hackers gained access…
UK: Patient’s private answerphone message became Devon hospital’s voicemail
Okay, this is a bit different as far as breaches go. Anita Merritt reports: A Devon hospital has apologised after a caller’s voicemail, containing personal patient details, became the hospital’s answerphone message for more than seven hours. During that time the caller was inundated with calls from patients giving details about their health problems believing…
Philly health department website exposed names of thousands of people with hepatitis
Nathaniel Lash reports: A public-data tool built by the Philadelphia Department of Public Health to track the prevalence of hepatitis infections left individuals’ health records accessible, compromising the names, addresses, Social Security numbers, and intimate health records of thousands of people receiving medical care in Philadelphia. The department learned of the breach Friday when an…
Monterey Health Center in Oregon, Central Valley Regional Center in California both announce patient data breaches
On August 12, 2019, Monterey Health Center in Oregon became aware that they had suffered a ransomware attack. According to a press release issued yesterday, they were able to restore patient data, and were able to rule out any data exfiltration, but were not able to rule out access to the patient data. The types…