Summit Health is a for-profit, multi-specialty medical practice headquartered in Berkeley Heights, New Jersey. It describes itself as a “physician-driven, patient-centric network committed to simplifying the complexities of health care and bringing a more connected kind of care.” They have more than 2,800 providers, 13,000 employees, and over 370 locations in New Jersey, New York,…
Update: Daixin leaks more data from Bluewater Health and other hospitals; databases yet to be leaked
As some will likely have already noticed, Daixin Team released the second part of the data leak from five hospitals in Ontario that have IT services provided by TransForm SSO. The first leak, containing many patient records, was previously reported by DataBreaches on November 1. Skimming the second tranche, DataBreaches noted a lot of internal…
United States Recovers $2.4 Million Obtained In Business Email Compromise
October 31, 2023 Orlando, Florida – United States Attorney Roger B. Handberg announces that the United States has civilly forfeited $2,462,000 in proceeds obtained from a wire fraud scheme that involved the takeover of a business email account. The forfeited funds are being returned to the fraud victim. According to court documents, the victim, Company…
HC3: Analyst Note: 8Base Ransomware
November 1, 2023 TLP:CLEAR Report: 202311011500 Executive Summary A recent attack on a U.S.-based medical facility in October 2023 highlights the potential threat of the ransomware gang, 8Base, to the Healthcare and Public Health (HPH) sector. Active since March 2022, 8Base became highly active in the summer of 2023, focusing their indiscriminate targeting on multiple…
Virginia’s Fairfax Schools Expose Thousands of Sensitive Student Records
Linda Jacobson reports: Virginia’s Fairfax County Public Schools disclosed tens of thousands of sensitive, confidential student records, apparently by accident, to a parent advocate who has been an outspoken critic of its data privacy record. The documents identify current and former special education students by name and include letter grades, disability status and mental health…
Australian Clinical Labs to face court over 2022 data breach
David Hollingworth reports: The Office of the Australian Information Commissioner believes Australian Clinical Labs did not adequately protect personal data, leading to an increased risk of “identity theft, extortion and financial crime”. When MedLabs pathology was hacked in February 2022, 223,000 Australians had their personal information exposed on the darknet, including credit card details and passport…