In February 2020, Overlake Medical Center and Clinics in Washington State reported a phishing incident in December 2019. More than 109,200 patients were reportedly affected. HHS investigated the incident and wrote a closing note in the file: Overlake Medical Center and Clinics, the covered entity (CE), reported that multiple employees were the victims of an…
Hacker accesses injured workers’ personal info in cyberattack on North Dakota agency
It’s not often we see a breach report from North Dakota. Forum reports: The North Dakota Workforce Safety & Insurance agency was a victim of a cybersecurity attack on June 28 that involved personal data, according to a statement released by WSI on Friday, Aug. 19. According to the statement: A Workforce Safety & Insurance…
From the “What Could Possibly Go Wrong Department” after it went wrong, Monday edition
In June, many of us first became aware that Facebook was receiving sensitive medical information from hospital websites. Of 33 hospital websites that The Markup tested, 10 of them had trackers (“Meta Pixels”) which sent information to Facebook when a patients clicked a button on the hospital’s site to schedule an a medical appointment. This…
Chinese adult site leaking 14 million user details — and it’s increasing?!
On August 6, Waqas reported that a Chinese adult site platform had leaked more than 14 million user accounts with more than 24 GB of files. The server was reportedly updating itself with new information every second. Hjedd, an infamous Chinese adult content and NSFW platform has been exposing a treasure trove of user data…
WA: Columbia River Mental Health Services issues preliminary media notice of a breach
On August 8, Columbia River Mental Health Services (“CRMHS”) in Washington State notified HHS about a data security breach involving some employee email accounts. A press release about the incident claims that CRMHS recently became aware of suspicious activity related to email accounts. They do not state exactly what they mean by “recently.” An investigation…
Patchwork of US State Regulations Becomes More Complex as Florida, North Carolina Ban Ransomware Payments
Scott Ikeda reports: The issue of banning ransomware payments has been contentious and hotly debated in governments throughout the world in the last few years, particularly as the problem seemed to grow out of control during the Covid-19 pandemic. In the US, the federal government has come down on the side of allowing payments but adding increasingly…