Commonwealth Health Physician Network-Cardiology, also known as Great Valley Cardiology (GVC), has notified 181,764 patients of a network breach that resulted in access to protected health information that included names, addresses and demographic information such as dates of birth; Social Security, driver’s license and passport numbers; credit card or debit card and bank accounts; and…
Rhysida claims to have attacked Paris High School in Illinois
Schools continue to be an attractive and all-too-easy target for criminal groups. This week, Rhysida threat actors added Paris High School in Illinois to their leak site as an “auction” item: There is nothing on the district’s website to indicate any problems or breach. The only possible indicator currently found was on the district’s…
Cyberattack is a factor in Illinois hospital’s closure
Sean Lyngaas reports: A hospital in Illinois will close on Friday due in part to a cyberattack – a rare case of a health care provider publicly linking a hack incident to its closure. The 2021 cyberattack on St. Margaret’s Health, a hospital in Spring Valley, Illinois, hobbled computer systems for months and prevented it…
CloudSEK report says hackers don’t have access to CoWin’s backend database
Ayushman Kuman reports: A day after a Telegram bot provided access to the personal information of individuals who had reportedly registered for vaccination through the government’s CoWIN portal, an independent analysis by CloudSEK has shown that the threat actors do not have access to the entire portal or the backend database. CloudSEK is a Singapore-based…
Data breach prompts University of Pittsburgh Medical Center billing contractor to contact 25,000 patients
Kris B. Mamula reports: Some 25,000 University of Pittsburgh Medical Center (UPMC) patients are being contacted by a Tennessee billing contractor following a data breach caused by a software bug that may have exposed names, addresses, social security numbers and other personal information. Kingsport-based Intellihartx LLC, which provides UPMC with billing and collection services, is…
Texas Tightens State’s Data Breach Notification Law
Joseph Lazzarotti and Phillip A. Baggett of Jackson Lewis write: On May 27, 2023, Texas’ Governor signed Senate Bill 768 amending Texas’ data breach notification law. The law in question, Section 521.053 of the Texas Business and Commerce Code, sets out the specific requirements any person conducting business in the state who owns or licenses sensitive personal…