If you follow the news on how lucrative ransomware attacks are, you have probably read how the Ryuk threat actors have made an estimated $150 million, and how Egregor threat actors are also doing a lot of damage. Neither group focuses solely on the healthcare sector, but recent reports by Check Point and Fortified Health…
Search Results for: blackbaud
PROOF POINTS: What happens when private student information leaks
Drawing upon the incredible work of Doug Levin and his K-12 Cybersecurity Resource Center, Jill Barshay of The Hechinger Report highlights some of Doug’s findings — findings the GAO relied heavily upon in their recent report. How you tabulate breaches can make a huge difference in the public’s — and Congress’s — understanding of the…
Data breach involving personal information reported at Rady Children’s Hospital
Dillon Davis reports Rady Children’s Hospital has disclosed that some patient data was impacted by the Blackbaud ransomware incident earlier this year: Those files contained personal information including names, addresses, physicians, department of service, procedure name and date of births, the hospital said. Read more on FOX5. The hospital did not disclose the number of…
The High Cost of Reporting a Non-Reportable Data Breach
Mark Rasch raises an important issue — the risks of reporting a breach that you may not need to report. Using the Blackbaud incident as his starting point, he writes: In May, cloud provider Blackbaud was the victim of a ransomware attack designed to lock it out of accessing its own data and servers. The…
Legal action underway over University of Cumbria data breach
Cumbria Crack reports: Students, staff and partners of universities across the UK who may have had their personal details leaked online are preparing to take legal action against the organisations amidst concerns that more should have been done to protect their data. Confidential information including names, dates of birth, addresses, phone numbers and email addresses…
Are covered entities unnecessarily giving fundraisers PHI on patients?
I have no doubt that numerous sites will start generating “lessons learned” or “five takeaways” from the Blackbaud breach — if they haven’t done so already. And perhaps one of the consequences of this mega-breach needs to be a discussion of whether some entities are unnecessarily giving their fundraising arms or business associates too much…