Leora Schertzer reports: A cyberattack on the Brunswick Medical Center has compromised personal information of patients and staff, the Pointe-Claire clinic announced on Friday. The attack targeted its IT system on March 24, the announcement said. “Despite our continued efforts, some patient health information as well as personal information about our employees and professionals was…
No need to hack when it’s leaking: SavantCare edition
Today’s concerning leak is brought to you by SavantCare. The leak was discovered by an independent researcher who first reported it on his blog yesterday. In his report, @JayeLTee states that he found exposed data that included data from SavantCare employee chats. “Over two-thirds of the 308 users on the chat were for SavantCare, a…
In Secret Meeting, China Acknowledged Role in U.S. Infrastructure Hacks
Dustin Volz reports: Chinese officials acknowledged in a secret December meeting that Beijing was behind a widespread series of alarming cyberattacks on U.S. infrastructure, according to people familiar with the matter, underscoring how hostilities between the two superpowers are continuing to escalate. The Chinese delegation linked years of intrusions into computer networks at U.S. ports,…
Preservation notice sent to Radford University in widening data leak case
Thomas Mundy reports: Attorneys have sent a preservation notice to Radford University leaders to preserve all relevant evidence regarding a possible data breach involving former students. Former Michigan assistant football coach Matt Weiss has been federally indicted after prosecutors accused him of hacking into private accounts of student-athletes to access potentially compromising images. “When it…
Physicians’ billing and revenue management firm hit by LockBit
DataBreaches should no longer be surprised to see threat actors claim to have hundreds of GB of files from medical entities, but it’s still concerning that entities can have so much data accessed and exfiltrated and yet not detect the attack. For today’s example, we point to Physicians Medical Billing, which was added to LockBit3.0’s…
HHS Office for Civil Rights Settles HIPAA Security Rule Investigation; Northeast Radiology agrees to corrective action plan and $350,000 monetary penalty
Over the past few years, DataBreaches has reported on a breach involving Northeast Radiology and its business associate, Alliance Healthcare Services. In March 2020, Northeast Radiology revealed its patient data was involved in a breach Alliance notified them about in January, 2020. TechCrunch had contacted Northeast Radiology about its unpatched PACS servers in 2019, but…