The Office of Inadequate Security
As DataBreaches recently reported, in June 2023, SysInformation Healthcare Services d/b/a EqualizeRCM discovered a ransomware attack. One year later, we still don’t know how many clients and patients were affected. But SysInformation wasn’t the only entity that suffered a ransomware attack in June 2023 that hadn’t sent notifications by now. Florida Community Health Centers (FCHC)…
In April 2023, Brightside Health, Inc. reported a breach to HHS that affected 767 patients. The incident was coded as “unauthorized access/disclosure” of information located in “EMR, other.” HHS’s closing statement on the public breach tool described the incident this way: The covered entity (CE), Brightside Health, reported that an unauthorized individual accessed the protected…
Settlement with Heritage Valley Health System marks OCR’s third ransomware settlement as the agency sees 264% increase in large ransomware breaches since 2018 The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced a settlement with Heritage Valley Health System (Heritage Valley), which provides care in Pennsylvania, Ohio and West…
On August 17, 2023, SysInformation Healthcare Services, LLC, d/b/a EqualizeRCM (“SysInformation”) notified HHS of a breach. The firm, a business associate that provides revenue and billing cycle management services, reported that 501 patients had been affected. That number is generally interpreted as a placeholder marker when the entity has not yet figured out the real…
The man known as “Kmeta,” “Impotent,” “RansomedVC,” and other monikers says he is not “Emil Kyulev” and has not been arrested. On June 30, DataBreaches reported on the arrest of a 21-year-old Bulgarian man, Teodor Iliev, who is accused of being the threat actor known as “Emil Külev” (“Emil Kyulev”). DataBreaches subsequently noted some confusion…
TimesLIVE reports an update on a ransomware attack on the National Health Laboratory Services. The attack was confirmed by NHLS on June 25 and is still significantly impacting services. DataBreaches has not spotted any ransomware group or threat actor claiming responsibility for this one. There are delays in processing laboratory tests across public health facilities…