On March 18, attorneys for Summit Health, Inc. in Pennsylvania notified the Maryland Attorney General’s Office that on February 19, the hospital had learned that some of its employees had fallen for a phishing attempt. As a result of the successful phishing, employees’ information in the Lawson Employee Self-Service System, used to access payroll and benefits information, may…
Search Results for: HCA
More than 1 year after breach, data show up for sale on darknet
Brian Krebs reports that he received a tip about physicians’ data up for sale on a darknet marketplace called AlphaBay One of the databases for sale was a large text file called, “Tenet Health Hilton Medical Center” that contained the name, address, Social Security number and other sensitive information on dozens of physicians across the country. Did you ever…
And then there were three (Ascension Health entities breached)
Now can I say, “I told you so?” When Ascension Health wouldn’t answer my question as to whether there were other members who had also had a phishing incident recently other than the two hospitals I had already reported on, I was even more suspicious. Then this afternoon, I discovered that St. Agnes Health Care,…
Seton Family Health notifying 39,000 patients after employee falls for phish; Second Ascension Health member to report breach this week (Update2)
Is Ascension Health being targeted by attackers successfully acquiring employee e-mail account logins via phishing? (Update 2: It seems they are. See this post after reading the one below.) Zach Lozano reports that Seton Family of Hospitals will provide free identity monitoring and protection services for patients who had their personal information leaked in a phishing…
CA: VA hospital in Long Beach may have improperly disposed of patients’ information
Leanne Suter reports: Documents containing the personal information of veterans seeking treatment at the Veterans Affairs Long Beach Hospital may have been improperly disposed, Veterans Affairs officials said. Army veteran and hospital patient Paulnhu Nguyen said he found a large stack of patient records containing personal information, such as social security numbers, date of births…
FL: Employee of unnamed community health care provider indicted for stealing 9,000 patients’ info
And yet another insider breach in the healthcare sector results in criminal prosecution. The entity is not named in the press release and the case is not yet up on PACER: United States v. Yvenante Achille, Case. No. 15-20229-CR-Lenard In April 3, 2015, defendant Yvenante Achille, 30, of Miami, was charged by indictment for her participation…