$875,000 Settlement Agreed in W-2 Phishing Scam Lawsuit
May18

$875,000 Settlement Agreed in W-2 Phishing Scam Lawsuit

A class-action lawsuit stemming from a W-2 phishing scam that saw an employee of the respiratory therapy supplier Lincare Inc., send the W-2 Forms of employees to a scammer has been settled for $875,000. As is typical with these types of Business Email Compromise (BEC) attacks, the scammer pretended to be a senior executive and sent an email to an employee of the HR department requesting W-2 information for the company’s employees....

Read More
582,000 Patients Warned of Potential PHI Compromise by California Dept. of Developmental Services
Apr27

582,000 Patients Warned of Potential PHI Compromise by California Dept. of Developmental Services

A recent survey carried out with hackers, incident responders, and penetration testers has showed that most can gain access to a targeted system in around 15 hours, but 54% of hackers take under five hours to gain access to a system, and identify and obtain sensitive data. The data comes from the second yearly Nuix Black Report and its survey of 112 hackers and penetration testers, 79% of which were located in the United States. Those...

Read More
Manufacturer of Oxygen Equipment Reports Data Theft Incident Possibly Impacted 30,000
Apr26

Manufacturer of Oxygen Equipment Reports Data Theft Incident Possibly Impacted 30,000

Inogen, a manufacturer of portable oxygen concentrators, has found that an unauthorized individual has obtained the credentials of a employees and has used them to access to the staff member’s email account. Phishing and other credentials theft incidents are commonplace in the healthcare industry, although what makes this incident unusual is the number of people affected by the attack. The compromised email account includeed the...

Read More
Integrated Rehab Consultants Takes 16 Months to Notify Patients of PHI Breach
Apr24

Integrated Rehab Consultants Takes 16 Months to Notify Patients of PHI Breach

Illinoie-based physiatry organization Integrated Rehab Consultants is broadcasting notification correspondence to some patients alerting them to the exposure of some of their protected health information, in line with HIPAA regulations. However, the breach was not discovered within the past 60 days. Integrated Rehab Consultants (IRC) initially became aware of the exposure of PHI on December 2, 2016 – 16 months previously. The...

Read More
Des Moines Crisis Observation Center Suppers HIPAA Due to Inappropriate Dissemination of Data
Apr23

Des Moines Crisis Observation Center Suppers HIPAA Due to Inappropriate Dissemination of Data

1,071 patients who were treated at the Des Moines Crisis Observation Center managed by Polk County Health Services Inc., have been contacted to advise them  that some of their protected health information has been “accidentally and unknowingly disseminated” at some point in the last 3.5 years. The breach was first identified on February 14, 2018, although the inquiry revealed that information was first disclosed on June 1, 2014 and...

Read More
Misconfigured Security Settings Lead to 63,500 Middletown Medical Patients Having their PHI Exposed
Apr19

Misconfigured Security Settings Lead to 63,500 Middletown Medical Patients Having their PHI Exposed

A security setting that was not configured properly on a radiology system has lead to  the patients’ protected health information of tens of thousands of patients of Middletown Medical, a multi-specialty physicians’ group based in Middleton, NY, The breach was first discovered on January 29, 2018. On January 30 the interface was realigned that any unauthorized individuals could no longer obtain patient information. The length of time...

Read More
Possible Abuse of Credit Card Details Affects 1,500 Baptist Health Patients
Apr18

Possible Abuse of Credit Card Details Affects 1,500 Baptist Health Patients

A former worker at Baptist Health’s West Kendall Baptist Hospital based  in Miami, FL illegally obtained the credit card details of patients and used the information to complete fraudulent transactions. The misuse of credit cards was identified by Baptist Health on March 9, 2018 and the matter was then made known to Miami-Dade law enforcement and the employee was removed from their position. Baptist Health has not made it known...

Read More
Multiple Staff Email Accounts Accessed in UnityPoint Health Phishing Attack
Apr17

Multiple Staff Email Accounts Accessed in UnityPoint Health Phishing Attack

It has been discovered that the email accounts of several employees of UnityPoint Health hhave been compromised and accessed by unauthorized people. Access to the staff email accounts was first obtained on November 1, 2017 and went on for a period of three months until February 7, 2018, when the phishing attack was noticed and access to the compromised email accounts was turned off. When the phishing attack was first noticed,...

Read More
Email Account Breach Impacts 4,000 Patients of Texas Health Resources
Apr16

Email Account Breach Impacts 4,000 Patients of Texas Health Resources

Texas Health Resources is sending notifications to ‘fewer than 4,000 patients’ that some of their Private Health Information may have been seen by an unauthorized persons. The Arlington-based health care provider, a supplier to over 1.7 million patients in North Texas, says that the data breach may have happened as early as October 2017, although they did not identify it until January 17, 2018, when law enforcement alerted the the...

Read More
Almost 14,000 Affected by SAMBA Privacy Breach
Apr13

Almost 14,000 Affected by SAMBA Privacy Breach

14,000 individuals are being alerted about a February 2018 breach of protected health information at the Special Agents Mutual Benefit Association (SAMBA). The data breach affects eligible family members of plan members who were covered by the Federal Employees Health Benefits Plan during 2017. It is an Internal Revenue Service (IRS) obligation for SAMBA to send a copy of Form 1095-B to all plan members every tax year. The form in...

Read More
Data Breach Notification and Information Security Laws Updated in Oregon
Apr12

Data Breach Notification and Information Security Laws Updated in Oregon

Data breach notification laws in Oregon have been updated to enhance security  for state residents whose personal data is accessible to the public during a data breach. Kate Brown, the State governor, signed the Senate Bill (SB 1551) last month, which updates several parts of the legislation, particularly Oregon’s Breach Notification Law, O.R.S. 646A.604 and Information Security Law, O.R.S. 646A.622. The updates will become...

Read More
Arc of Erie County New York Reports that 3,751 Patients’ PHI Was Exposed on Internet in 30-Month Period
Apr11

Arc of Erie County New York Reports that 3,751 Patients’ PHI Was Exposed on Internet in 30-Month Period

A provider of person-centered services to individuals with developmental disabilities, The Arc of Erie County New York (The Arc), has reported that two spreadsheets listing the protected health information of 3,751 patients were open to the public via the Internet without the need for authentication for a time period of longer than 30 months from July 2015 to February 2018. The two spreadsheets in question could be seen through the...

Read More
Missing Hard Drives from Chesapeake Regional Healthcare Reports PHI of 2,100 Patients
Apr09

Missing Hard Drives from Chesapeake Regional Healthcare Reports PHI of 2,100 Patients

Chesapeake, Virginia based Chesapeake Regional Healthcare has reported that two hard drives containing the protected health information (PHI) of approximately 2,100 patients are missing from their Chesapeake Regional Medical Center campus at that location. The private health information stored on the devices in question relates to patients who participated in research at its Sleep Center between April 2015 and February 2018. it is...

Read More
Improper Disposal of PHI is Common According to JAMA Study
Apr05

Improper Disposal of PHI is Common According to JAMA Study

A recently completed study (published in JAMA) has emphasized  just how often hospitals are disposing of PHI in an unsafe fashion. While the study was completed in Canada, which is not subject to HIPAA, the results emphasize a critical area of PHI security that is often neglected. Incorrect Destruction of PHI is More Commonplace than Previously Thought Researchers at St. Michael’s Hospital in Toronto reviewed recycled paperwork at...

Read More
Data Breach Notification Law Enacted by South Dakota
Apr04

Data Breach Notification Law Enacted by South Dakota

It has taken some time for South Dakota to introduce legislation to enhance protections for consumers impacted by breaches of their personal private data. Laws have already been passed in 48 states that obligate persons and companies that hold personal information to publish notifications to breach victims when that information is accessible by unauthorized individuals. Last week, South Dakota citizens were given similar security...

Read More
Phishing Attack on CareFirst BCBS Impacts 6,800 Plan Members
Apr03

Phishing Attack on CareFirst BCBS Impacts 6,800 Plan Members

CareFirst Blue Cross Blue Shield is alerting 6,800 of its plan members that some of their protected health information has potentially been accessed by unauthorized individuals as a result of a successful phishing attack on one of its employees. Phishing attacks are conducted to gain access to sensitive information such as email credentials. Those credentials are then used to access to sensitive data or conduct further attacks on an...

Read More
Cambridge Health Alliance Advised of PHI Breach by Law Enforcement
Apr02

Cambridge Health Alliance Advised of PHI Breach by Law Enforcement

Massachusetts based Cambridge Health Alliance (CHA) have been advised, by law enforcement agencies, that the protected health information of some of its clients has been found in the possession of an unauthorized person. The breach occurred On January 31, 2018, Everett Massachusetts Police Department made CHA aware that files including the PHI of some of its clients had been found in the possession of an person unauthorized to have...

Read More

Clinical Pathology Laboratories Southeast Patients’ Have PHI Exposed Due to Theft of Unencrypted Laptop

Clinical Pathology Laboratories Southeast, Inc., (CPLSE) has revealed that an unencrypted laptop computer issued to a member of staff has been stolen, exposing the protected health information of a number of patients and their payment guarantors. CPLSE quickly activated safety actions to prevent the laptop from being used to gain access to its network and the theft was made known to law enforcement; however, it is possible that the...

Read More
35,000 Patients of ATI Physical Therapy Affect by Data Breach
Mar28

35,000 Patients of ATI Physical Therapy Affect by Data Breach

The protected health information of more than 35,000 patients of ATI Physical Therapy has  has potentially been compromised by a cyber attack that occurred when hackers obtained access to staff email accounts. A security violation was discovered on January 18, 2018 when ATI Physical Therapy saw that the direct deposit information of some of its staff members had been altered in its payroll platform. Quick action was taken to remove...

Read More
Finger Lakes Health Computer System Grind to Halt after Ransomeware Attack
Mar26

Finger Lakes Health Computer System Grind to Halt after Ransomeware Attack

A ransomware attack on Finger Lakes Health, based in Geneva, NY, has impacted the computer system to the extent that staff have had to work using pen and paper. In the meantime efforts to remove the malware and restore access to electronic data have been enhanced. The health system came under attack from the health system beginning at around midnight on Sunday March 18, 2018, with workers first noticing the attack when a ransom demand...

Read More
NH-ISAC Partnership with Anomali Boost Threat Detection and Data Sharing
Mar22

NH-ISAC Partnership with Anomali Boost Threat Detection and Data Sharing

The National Health Information Sharing and Analysis Center (NH-ISAC) and Anomali have begun working together and will be providing threat intelligence to healthcare centers through NH-ISAC. As part of this partnership Anomali will be helping NH-ISAC with the required tools and infrastructure to allow its clients to work together and share threat intelligence with other subscribers. Anomali will be making up to date threat...

Read More
1,049 Patients of RoxSan Pharmacy Notified of 2015 Email Breach
Mar20

1,049 Patients of RoxSan Pharmacy Notified of 2015 Email Breach

1,049 patients of Beverly Hills, CA-based RoxSan Pharmacy have been warned that some of their protected health information has been shared with a business associate through an unencrypted email. The notification letters were sent to affected people during February, although the incident happened on January 20, 2015. Commenting in a recent press release, RoxSan stated that affected individuals are being contatced in “as timely a manner...

Read More
Primary Health Care Experiences Multiple Email Hacks
Mar20

Primary Health Care Experiences Multiple Email Hacks

A non-profit network of community health centers in Des Moines, Marshalltown and Ames, IA, Primary Health Care Inc. has reported that hackers gained access to the email accounts of four workers and may have viewed or downloaded patients’ PHI. A press release issued by Primary Health Care and published a substitute breach notice to its website on March 16, 2018 outlining that the breach occurred on February 28, 2017. The breach was...

Read More
10,000 ShopRite Clients Have PHI Exposed to Improper Destruction of Device
Mar17

10,000 ShopRite Clients Have PHI Exposed to Improper Destruction of Device

A Millville, New Jersey based ShopRite pharmacy has reported that an electronic device used to save the signatures of people has been destroyed without first deleting all stored protected health information from the device. A restricted amount of protected health information was held on the computing device, including patients’ names, birth dates, contact details, zip codes, prescription numbers, medication names, signatures,...

Read More
PHI of 5,300 Disclosed to Employees of QuadMed
Mar16

PHI of 5,300 Disclosed to Employees of QuadMed

The protected health information of 5,305 patients of QuadMed, a Wisconsin-based provider of medical, laboratory, pharmacy, fitness, and physical therapy services, may have been impermissibly shared with some employees. In November 2013, QuadMed took over management of an onsite clinic at Hillenbrand Inc. Occupational health information of employees based at the Batesville, IN-based manufacturer was held in an electronic medical...

Read More
33,420 BJC Healthcare Patients Have PHI Exposed in 8-Months HIPAA Breach
Mar16

33,420 BJC Healthcare Patients Have PHI Exposed in 8-Months HIPAA Breach

BJC Healthcare has revealed that the protected health information of 33,420 of it’s subscribers has been open to public accessible for eight months without adequate  for authentication required to view the PHI. The BJC Healthcare group is one of the largest not-for profit healthcare groups located in the United States. The healthcare organization, based in St Louis, runs two nationally recognized hospitals in Missouri –...

Read More
Top Healthcare Security Threats Revealed in HIMSS Survey Results
Mar12

Top Healthcare Security Threats Revealed in HIMSS Survey Results

HIMSS has released the findings of its 2017 healthcare cybersecurity survey, which gives us valuable insights into the state of cybersecurity in the healthcare sector and names the top healthcare security threats. The HIMSS 2018 cybersecurity survey was carried out on 239 respondents from the healthcare sector between December 2017 and January 2018. The findings of the survey were revealed at the HIMSS 2018 Conference &...

Read More
NY Attorney General Fines EmblemHealth €575,000 for HIPAA Breach
Mar08

NY Attorney General Fines EmblemHealth €575,000 for HIPAA Breach

A mailing mistake by EmblemHealth in 2016 that resulted in the Health Insurance Claim Numbers of 81,122 plan subscribers printed on the exterior of envelopes has resulted in the New York Attorney General applying a $575,000 settlement fine. Despite that all mailings have a unique patient identifier on the envelope, in this case the potential for damage was high as Health Insurance Claim numbers are formed using the Social Security...

Read More
New York Surgery & Endoscopy Suffers Record Data Breach Affected 135,000 patients
Mar06

New York Surgery & Endoscopy Suffers Record Data Breach Affected 135,000 patients

A malware infection has potentially allowed hackers to gain access to the medical records of as many as 135,000 patients at St. Peter’s Surgery & Endoscopy Center, located in New York So far in 2018, this is the second largest healthcare data breach reported and the most serious seen in New York state since the 3,466,120-record data breach at Newkirk Products, Inc. in August 2016. The St. Peter’s Surgery & Endoscopy...

Read More
70,320 Tufts Health Plan Members Affects in Window Envelope Privacy Breach
Mar06

70,320 Tufts Health Plan Members Affects in Window Envelope Privacy Breach

Tufts Health Plan is warning 70,320 of its subscriber that their health plan ID numbers have been accessed. A mailing vendor/partner utilized by Tufts Health Plan sent Tufts Medicare Preferred ID cards to Medicare Advantage subscribers between December 11, 2017 and January 2, 2018. Envelopes with plastic envelopes were used which naturally permitted plan members’ names and addresses to be visible, but Tufts Health Plan member IDs were...

Read More
Kansas Department for Aging and Disability Services Experiences 11,000-Record Breach
Mar06

Kansas Department for Aging and Disability Services Experiences 11,000-Record Breach

It has been discovered that an employee at Kansas Department for Aging and Disability Services (KDADS) sent an unauthorized email to a group of KDADS business associates that included the protected health information of almost 11,000 individuals. The email was issued to individuals who had already signed a business associate agreement with KDADS which disallows them from disclosing or using inappropriately any emailed protected health...

Read More
PhishMe Rebranded as Cofense Following Private Equity Syndicate
Mar02

PhishMe Rebranded as Cofense Following Private Equity Syndicate

A leading provider of human phishing defense solutions, PhishMe, has revealed that as of February 26, 2018, the firm will be known as Cofense. Along with the name alteration, the firm has revealed it has been acquired by a private equity syndicate, which estimate the worth of the firm as $400 million. PhishMe was established in 2007 with the aim of developing products and services to address the increasing threat from phishing. Staff...

Read More
Increase in W-2 Phishing Campaigns Leads to FBI Warning Issued
Mar01

Increase in W-2 Phishing Campaigns Leads to FBI Warning Issued

The Federal Bureau of Investigation (FBI) has issued a new alert for businesses due to a major rise in phishing attacks attacking payroll worker. The target of the phishing attacks is to download copies of the W-2 forms of workers. Information on the forms is used to carry out identity theft and tax fraud. 2017 saw record numbers of phishing campaigns targeting businesses, educational institutions, and healthcare groups. In some...

Read More
Updated Common Rule Allows Research Institutions Another Six Months for Compliance
Feb28

Updated Common Rule Allows Research Institutions Another Six Months for Compliance

Initially scheduled due to be introduced on January 19, 2018, amendments to the Common Rule – The Federal Policy for the Protection of Human Subjects have been put back for six months, allowing research groups additional time to comply with the new provisions. July 19, 2018 is the new date for the change to be introduced,however the provision covering cooperative research still has an introduction and enforceable date of January 20,...

Read More
Phishing Attack on Sutter Health Business Associate Impacts Patients
Feb26

Phishing Attack on Sutter Health Business Associate Impacts Patients

Sutter Health is contacting certain patients to advise them that their protected health information may have been exposed in a phishing attack on the legal firm Salem and Green, one of its business associates. It is thought that the attack took place on or around October 11, 2017, a phishing email was received by a worker at Salem and Green. The worker responded and, in doing so, allowed the attackers access to their email account....

Read More
HIPAA Compliance and Citrix ShareFile
Feb22

HIPAA Compliance and Citrix ShareFile

ShareFile was purchased by Citrix Systems during 2011 and the service is offered as a suitable data sync, file sharing, and collaboration service for the healthcare sector. it is vitally important for anyone considering using it to consider HIPAA Compliance and Citrix Fileshare. It is a safe file sharing, data storage and collaboration service that permits large files to be easily sent within a company, with remote workers, and with...

Read More
Triple-S Advantage Suffers Serious Data Breach with 36k Subscribers Impacted
Feb19

Triple-S Advantage Suffers Serious Data Breach with 36k Subscribers Impacted

36,000 plan members of Triple-S Advantage has experienced a privacy breach that has impacted. The breach was experience by the Puerto Rico based group when a mailing error which saw sensitive information of plan members sent to incorrect recipients. The data that was exposed, due to the mailing mistake, was limited and did not incorporate Social Security numbers or financial files; however, plan members’ ID numbers were impermissibly...

Read More
HIPAA $100,000 Fine Applied After Illinois Business Closes
Feb16

HIPAA $100,000 Fine Applied After Illinois Business Closes

HIPAA covered organization and their business associates must continue to adhere to Rules even when they close down. The HHS’ Office for Civil Rights (OCR) has reinforced this point with a $100,000 fine for FileFax Inc., for violations that happened after the business had ceased operating. FileFax is a Northbrook, IL-based firm that supplies medical record storage, maintenance, and delivery facilities for HIPAA covered organizations....

Read More
Decatur County General Hospital Malware Attack Exposes 24,000 Patients
Feb14

Decatur County General Hospital Malware Attack Exposes 24,000 Patients

It has been has that Decatur County General Hospital in Tennessee suffered a malware attack after a virus was uploaded to a server housing its electronic medical record network. It is thought that attacker could have gained access to the medical records of up to 24,000 people. The malware software installation was found on November 27, 2017 by the hospital’s medical record system vendor, who maintains the server on which the system is...

Read More
Ron’s Pharmacy Services Patients Receive Email Account Breach Alerts
Feb13

Ron’s Pharmacy Services Patients Receive Email Account Breach Alerts

San Diego, CA-based Ron’s Pharmacy Services has found that an employee’s email account containing limited protected health information has been logged onto by an unknown individual. Unusual activity was noticed on the employee’s email account during October 3, 2017 resulting in an investigation; however, it was not until December 21, 2017 that it was revealed that an unauthorized individual had obtained messages in the email...

Read More
Western Washington Medical Group Patients Exposed Due to HIPAA Breach
Feb12

Western Washington Medical Group Patients Exposed Due to HIPAA Breach

842 patients of Western Washington Medical Group have had their protected health information exposed when files including sensitive health information were disposed of with regular trash in November 2017. The breach occurred when the janitorial service used by the medical group removed the contents from shredding bins along with regular trash. Instead of sensitive documents being permanently terminated in adherence with HIPAA Rules,...

Read More
May 2017 Partners HealthCare Breach May Have Affected 2,600 Clients
Feb09

May 2017 Partners HealthCare Breach May Have Affected 2,600 Clients

2,600 clients of Partners HealthCare System are being warned that some of their protected health information may have been compromised in a May 2017 breach. While HIPAA covered organizations are given a time period of up to 60 days following the discovery of a breach to file an incident report to OCR (if the breach impacts 500 or more people) and notify those affected by the violation, this incident occurred and was found in May 2017....

Read More
CarePlus Health Warns 11,200 Subscribers of PHI Breach
Feb07

CarePlus Health Warns 11,200 Subscribers of PHI Breach

A privacy incident has been suffered by Miami, FL-based CarePlus Health Plans where certain plan subscribers’ protected health information were mistakenly shared with other plan subscribers. Benefits statement explanations were sent to its plan subscribers on January 9 and January 16, 2018, although on January 17, CarePlus noticed that some of the statements had been sent to the wrong recipients. The EoB statements included details...

Read More
Lost Device Means PHI of 660 Eastern Maine Medical Center Patients Could Be at Risk
Feb06

Lost Device Means PHI of 660 Eastern Maine Medical Center Patients Could Be at Risk

A portable hard drive that has gone missing from the State Street facility, in Bangor, ME of Eastern Maine Medical Center. The group is now notifying 660 clients that some of their protected health information could have been exposed. The missing device did not have encryption and data on the device could be accessed without no password requirement. While it has not been confirmed if it was stolen, but the device could not be located...

Read More
Forrest General Hospital Phishing Attack  Exposes Patients’ PHI
Feb05

Forrest General Hospital Phishing Attack Exposes Patients’ PHI

The PHI has of patients of Forrest Health’s Forrest General Hospital has potentially been obtained by a third party after access was gained to the email account of one of the employees of a business associate, Horne LLP. HORNE LLP is a provider of certain Medicare reimbursement procedures to Forrest General Hospital and due to this needs requires access to patients’ private health information. HORNE found email account breach on...

Read More
Allscripts Facing Class Action Lawsuit Following Ransomware Attack
Jan31

Allscripts Facing Class Action Lawsuit Following Ransomware Attack

Allscripts experienced a ransomware attack at centers in Raleigh and Charlotte, NC, resulting in several applications remaining offline for as many as 1,500 clients. Florida-based Surfside Non-Surgical Orthopedics. has already begun legal action by filing a class action lawsuit against the EHR vendor. A new variety SamSam ransomware infected Allscripts, a provider of  EHR and e-prescription services to 2,500 hospitals and 19,000...

Read More
Breach Notification Bill Advanced by South Dakota Senate Attorney Judiciary Committee
Jan28

Breach Notification Bill Advanced by South Dakota Senate Attorney Judiciary Committee

A voted in favor of introducing data breach notification legislation has been overwhelmingly passed by the South Dakota Senate Attorney Judiciary Committee. The bill advanced after a 7-0 vote. It was originally introduced, at the request of the Attorney General Marty Jackley, by the Committee on Judiciary. Presently there are only two states left in the US that have yet to implement data breach legislation to secure state residents....

Read More
DC Assisted Living Facility Hit by Malware Breach Exposing 5,200 PHI Records
Jan28

DC Assisted Living Facility Hit by Malware Breach Exposing 5,200 PHI Records

A malware attack experienced at Westminster Ingleside King Farm Presbyterian Retirement Communities may have allowed the hackers to obtain the protected health information of thousands of its clients. The Washington D.C., located assisted living center had adapted a wide range of security solutions to stop unauthorized access to its systems, although on this occasion they were unable to prevent the attack. The malware was identified...

Read More
53,000 Pharmacy Patients have PHI Exposed in Email Hack
Jan25

53,000 Pharmacy Patients have PHI Exposed in Email Hack

Patients of Onco360 and CareMed Specialty Pharmacy have been notified that the PHI of 53,173 patients has been compromised due to a phishing attack. A security breach was discovered on November 14, 2017, when suspicious activity involving an member of staff’s email account was uncovered. Following the discovery third party computer forensics experts conducted an investigation to determine the manner and extent of the breach. It...

Read More
Unauthorized Palomar Health Nurse Viewed Medical Records of Over 1,300 Patients
Jan22

Unauthorized Palomar Health Nurse Viewed Medical Records of Over 1,300 Patients

A former nurse employed at Palomar Medical Center Escondido viewed, without authorization, the medical records of more than 1,300 patients who were receiving treatment at the hospital. Those affected are now being made aware of the breach. The breaches were experienced over a 15-month period from February 10, 2016 and May 7, 2017. The access that was not permitted was first seen when access logs were reviewed. The audit revealed a...

Read More
Hancock Health Hit by Ransomware Attack
Jan19

Hancock Health Hit by Ransomware Attack

Following a ransomware attack on Indiana-based organization Hancock Health last  Thursday, staff at the hospital had no choice but to move to using pen and paper to detail patient health information, while IT staff made efforts to obstruct the attack and regain access to encrypted files. The attack started around 9.30pm on Thursday night when files on its network started to be encrypted. The attack initially caused the network to run...

Read More

Registered Nurses ‘Happy’ With PHI Security According to University of Phoenix Survey

The results of a recent survey completed by the University of Phoenix College of Health Professions indicates registered nurses (RNs) are of the belief that their organization’s ability to prevent data breaches is of an acceptable level. The survey was transmitted to 504 permanent RNs and administrative workers across the USA. Respondents had held their position for a minimum of two years. Just under half of RNs (48%) and 57% of...

Read More
Coplin Health Systems Patients’ PHI Possibly Compromised by Laptop Theft
Jan17

Coplin Health Systems Patients’ PHI Possibly Compromised by Laptop Theft

43,000 patients of West Virginia-based Coplin Health Systems have been warned that their PHI may have been exposed following the theft of an unencrypted laptop computer from the vehicle of an worker at the organization. Coplin Health was discovered the laptop theft on November 2, 2017. The theft was then reported to law enforcement and an investigation was initiated, although at the time of sending the warnings, the laptop computer in...

Read More
Unencrypted Hard Drive Results in the PHI of 9387 Patients’ Being Exposed
Jan15

Unencrypted Hard Drive Results in the PHI of 9387 Patients’ Being Exposed

In late November, the Framingham, MA-based Charles River Medical Associates based practice discovered one of its external hard drives was missing from its usual location. The missing device contained x-ray images, names, patient ID numbers, and birth details. All patients who had visited the Framingham radiology lab for a bone density scan since 2010 had their x-ray images obtained – almost 9,400 individuals. The hard drive was...

Read More
PHI Breach at Oklahoma State University Center for Health Sciences
Jan13

PHI Breach at Oklahoma State University Center for Health Sciences

An unauthorized individual has gained access to parts of the Oklahoma State University Center for Health Sciences (OSUCHS) network and may have accessed files containing billing details of Medicaid patients. The security breach was uncovered on November 7, 2017 with access to the network terminated the next day. Third party computer forensics experts were employed to carry out a comprehensive investigation to determine which areas of...

Read More
Florida Agency for Health Care Administration Hit by Phishing Attack
Jan11

Florida Agency for Health Care Administration Hit by Phishing Attack

An unauthorized individual has gained access to a single email account of a staff member at the Agency for Health Care Administration in Florida using a phishing scam. The staff member was sent, and responded to, a malicious phishing email on November 15, 2017 and shared login details that permitted the attacker to remotely access his/her email account and, potentially, the protected health information of up to 30,000 Medicaid...

Read More
Compassion Care Hospice Cyber Attack Affects 1,128 Clients
Jan10

Compassion Care Hospice Cyber Attack Affects 1,128 Clients

The protected health information of 1,128 clients of Compassionate Care Hospice Las Vegas (CCHLV) may have been accessed by an unauthorized individual person. The person in question obtained gained access to the company’s may have viewed the content of the servers. CCHLV discovered the violation on Mits network on October 28, 2017. The server was accessed by an unauthorized individual. CCHLV hired a firm specializing in...

Read More
Unauthorized Person May have Accessed PHI of 1,128 CCHLV Patients
Jan08

Unauthorized Person May have Accessed PHI of 1,128 CCHLV Patients

It has been discovered that an unauthorized individual may have viewed the protected health information of 1,128 patients of Compassionate Care Hospice Las Vegas (CCHLV). During a review on October 28, 2017, CCHLV found that its systems had been accessed without authorization. After finding the breach, CCHLV brought in a third-party forensics company to conduct a thorough investigation to look into breach and identify exactly who may...

Read More
5,000 Members of Kaiser Permanente Notified of Two Security Incidents
Jan06

5,000 Members of Kaiser Permanente Notified of Two Security Incidents

Two security incidents have recently been reported to the Department of Health and Human Services’ Office for Civil Rights by Kaiser Permanente. Combined, more than 5,000 people have been affected by the two breaches. Those affected were clients of the Kaiser Foundation Group Health Plan. The most potentially dangerous incident, regarding the number of individuals harmed, was an email-related breach threatening 4,389 health plan...

Read More
Bronson Healthcare Group Phishing Attack Impacts 8,256 Patients
Jan06

Bronson Healthcare Group Phishing Attack Impacts 8,256 Patients

A recent Bronson Healthcare Group phishing attack has resulted in a hacker gaining access to the protected health information (PHI) of 8,256 patients. The attack allowed the hacker to gain access to the health system’s email system, which contained the names, medications, and treatment information of patients. No Social Security numbers or patients’ financial information was compromised, and its electronic medical record system was...

Read More
Employee-Related Data Breach at SSM Health Affects 29,000
Jan05

Employee-Related Data Breach at SSM Health Affects 29,000

It has been discovered that a former worker at the St. Louis, MO-based not-for-profit health system, SSM Health was accessing the health records of clients for 8 months despite not haveing any legitimate work reason. The individual worked in SSM Health’s customer service support  call center, and due to this, did not have permission to access financial information, only demographic, health, and clinical data. The access was discovered...

Read More
Sports Medicine Practice Hit by Two Hacking Attacks in 7 Days
Jan04

Sports Medicine Practice Hit by Two Hacking Attacks in 7 Days

A hacker has gained access to its systems and encrypted files with ransomware at a family and sports medicine practice based in Colorado. Longs Peak Family Practice (LPFP) in Longmont CO, discovered suspicious activity taking place on its internal network on November 5, 2017 and took quick measures to safeguard its systems. However, before the measure were in place, the attacker ran ransomware code which encrypted files on some parts...

Read More
24,000 Patients  Impacted by Emory Healthcare Data Violation
Jan03

24,000 Patients Impacted by Emory Healthcare Data Violation

It has been discovered that a former worker at Emory Healthcare (EHC) has obtained the protected health information of 24,000 EHC patients and uploaded the data to a Microsoft Office 365 OneDrive account, from where it was accessible by other people. The former worker was a physician at Emory Healthcare, who is now a staff member at the University of Arizona (UA) College of Medicine. EHC says client information was taken covertly and...

Read More
Cyberattack Affects Internal Access to Jones Memorial Hospital Servers
Jan02

Cyberattack Affects Internal Access to Jones Memorial Hospital Servers

University of Rochester Medicine’s Jones Memorial Hospital, located in Wellsville, New York is currently dealing with a cyberattack that has inflicted some unexpected downtime on the organization. The attack is believed to have begun on Wednesday December 27 and has caused disruption to some of its information servers. The details of the cyberattack is unclear and it has yet to be resolved. The cyberattack has been limited to Jones...

Read More
Access to Wager Evans Dental Records Denied for 5 Days After Ransomware Attack
Dec29

Access to Wager Evans Dental Records Denied for 5 Days After Ransomware Attack

Wager Evans Dental practice, based in Reno, NV, has experienced a ransomware attack that cut off access to dental records and images for five days towards the end of 2017. The ransomware attack happened on October 30, 2017. The ransomware software was installed on one computer and one server used by the Dental Clinic. Ransomware can be installed by hackers using many different methods, although most commonly attacks using email. That...

Read More
Nebraska Ransomware Attacks Compromised PHI of Almost 10,000 Patients
Dec27

Nebraska Ransomware Attacks Compromised PHI of Almost 10,000 Patients

A ransomware attack that targeted Columbus Surgery Center, LLC and Eye Physicians, P.C., in Columbus, Nebraska has potentially exposedin the protected health information of almost 10,000 clients. The ransomware attack took place on October 7, 2017 and saw a wide variety of files on some servers being encrypted by the ransomware. A ransom demand was made by the hackers, although this was not paid. The encrypted data was restored from a...

Read More
1,750 Patients Affected by Potential Data Theft Incident at Austin Manual Therapy
Dec21

1,750 Patients Affected by Potential Data Theft Incident at Austin Manual Therapy

1,750 patients have been notified that some of their protected health information may have been accessed and stolen by a criminal attacker who gained access to Austin Manual Therapy (AMT) systems. Following a forensic investigation, by a leading national cybersecurity team, it has been found that access was first gained on October 3, 2017 and continued until October 9, when the intrusion was found and blocked. In the the breach notice...

Read More
1,900 MidMichigan Medical Center Patients’ PHI Found after Breach
Dec21

1,900 MidMichigan Medical Center Patients’ PHI Found after Breach

MidMichigan Medical Center (MMC) in Alpena has made contact with patients to advise them of a possible breach of their health information, which may have literally benn blown into the hands of people unauthorized to view the information. Late on November 18, a MMC cardiologist moved patient files from the Alpena cardiology office without adequate authorization. The files were placed to the cardiologist’s vehicle in a storage container...

Read More
PHI of almost 7,000 Patients Exposed in Two Separate Breaches
Dec19

PHI of almost 7,000 Patients Exposed in Two Separate Breaches

A binder holding a log of presurgical insurance authorizations was accidentally recycled by a cleaning company contracted by NYU Langone Health System in October. The binder was holding records referring to around 2,000 patients. The binder had saved information including names, birth dates, dates of service, current procedural terminology code, diagnosis codes, insurer names, and insurance ID credentials. In some instances, short...

Read More
5,000 Patients’ PHI exposed in Two Separate Breaches
Dec18

5,000 Patients’ PHI exposed in Two Separate Breaches

Separate breaches of patients’ protected health information have been exposed at Midland Memorial Hospital in Midland, TX, and Washington Health System Greene in Waynesburg, PA. The Washington Health System Greene organization is contacting 4,145 patients to advise them that some of their protected health information has been exposed after a hard drive could not be found at their premises. An external hard drive used with a bone...

Read More
UNC Health Care Breach Potentially Impacts 24,000 Patients
Dec17

UNC Health Care Breach Potentially Impacts 24,000 Patients

A computer device belonging to UNC Dermatology & Skin Cancer Center in Chapel Hill, NC, has been stolen in a burglary, possibly exposing the protected health information of up to 24,000 patients of the clinic. Thieves removed the computer from the premised on October 8, 2017. UNC Health Care said the stolen computer contained a database on  that gathered the protected health information of patients who had previously been treated...

Read More
18,500 Patients PHI Exposed After Multiple Email Accounts Were Compromised
Dec14

18,500 Patients PHI Exposed After Multiple Email Accounts Were Compromised

The Detroit-based Henry Ford Health System has issued notifications to almost 18,500 patients that some of their PHI has potentially been seen by an unauthorized person. The PHI breach was discovered on October 3, 2017 when unauthorized access to the email accounts of several members of staff was detected. While protected health information was possible accessed or stolen, the health system’s EHR system was not accessed at any point....

Read More
Accessing Medical Records Without Authorization Leads to Hospital Employee Being Sacked
Dec13

Accessing Medical Records Without Authorization Leads to Hospital Employee Being Sacked

The medical histories of 769 patients at Lowell General Hospital have been accessed by an member of staff without any valid work reason. By accessing the medical records, the member of staff breached the Massachusetts- based hospital policies and violated the privacy of hospital patients. Once the breach was discovered, and completion of the following investigation, the employee was fired. Lowell General Hospital was content that only...

Read More
Healthcare Worker Stole PHI of 28,000 Health Care Services Patients
Dec12

Healthcare Worker Stole PHI of 28,000 Health Care Services Patients

Private documents holding the PHI of patients have been stolen by a former employee of the Center for Health Care Services (CHCS) in San Antonio, a provider of mental health treatment and support services for patients with intellectual and developmental disabilities. Notifications of the breach have been sent to 28,434 patients who received care at CHCS before the summer of 2016. The breach of PHI was only found on November 7, 2017,...

Read More
Pennsylvania Obs/Gyn Clinic PHI Breached Due to Improper Disposal
Dec11

Pennsylvania Obs/Gyn Clinic PHI Breached Due to Improper Disposal

Paper files from Women’s Health Consultants, an obstetrics and gynecology practice that had centers in South Whitehall Township and Hanover Township, PA  have been dumped at a recycling center in Allentown, Pennsylvania. The files – containing names, Social Security numbers, and medical histories, including details of cancer diagnoses and sexually transmitted diseases – seem to have come from the firm which is no longer...

Read More

PHI Breach at UAB Medicine Leaves 652 Potentially Exposed

In Birmingham, Alabama, the UAB Medicine Viral Hepatitis Clinic has discovered a breach of patients’ protected health information (PHI) that could have affected up to 652 patients. The group, UAB Medicine, uses flash drives to transfer information from its Fibroscan machine to a computer. Two flash drives were identified discovered as missing on October 25, 2017. The portable storage devices were used to hold a limited amount of PHI...

Read More
Personal Information of New York Pharmacy Customers Exposed in Improper Disposal Incident
Dec06

Personal Information of New York Pharmacy Customers Exposed in Improper Disposal Incident

A security breach, involving the improper disposal of a device used to capture customers’ signatures, has been encountered by ShopRite Supermarkets, Inc. The device in question was used at the ShopRite, Kingston, NY location between 2005 and 2015 and stored personal and medical data. Customers who attended the pharmacy and had prescriptions supplied between 2005 and 2015 have potentially been impacted by the exposure. For those...

Read More
Extortion Attempt on Sports Medicine Provider Exposes Private Data of 7,000 Individuals
Dec05

Extortion Attempt on Sports Medicine Provider Exposes Private Data of 7,000 Individuals

Sports Medicine & Rehabilitation Therapy (SMART), based in Massachusetts, has contacting 7,000 clients regarding a breach of their protected private health information that occurred in September 2017. Potentially, the breach impacted all clients whose data was saved during a visit to a SMART outlet prior to December 31, 2016. Hackers, in an extortion attempt, accessed SMART systems, allegedly stole private information, and asked...

Read More
Multiple Breaches Leads to $2m Fine for Cottage Health
Dec04

Multiple Breaches Leads to $2m Fine for Cottage Health

Cottage Health, the Santa Barbara-based healthcare provider, will pay $2 million to resolve multiple violations of state and federal laws as per a directive from the California attorney general’s office. The group was examined by the California attorney general’s office in relation to a breach of private patient data back in 2013. The breach of data was found by the organization on December 2, 2013, when someone made the healthcare...

Read More
Rocky Mountain Health Care Services has Second Unencrypted Laptop Stolen
Nov30

Rocky Mountain Health Care Services has Second Unencrypted Laptop Stolen

An unencrypted laptop has been stolen from one of its employees of Rocky Mountain Health Care Services of Colorado Springs. This is the second such incident to be identified in just three months. The most recent incident was identified on September 28. The laptop computer was seen to store the protected health information of a small number of patients. The types of data stored on the device included first and last names, addresses,...

Read More
Medical College of Wisconsin Phishing Attack Affects 9,500 Patients
Nov29

Medical College of Wisconsin Phishing Attack Affects 9,500 Patients

The exposure of approximately 9,500 patients’ protected health information at the Medical College of Wisconsin has been caused by a phishing attack. The attackers were able to gain access to several staff members’ email accounts, which included a variety of sensitive information of patients and some faculty employees. The types of data in the accessed email accounts included names, addresses, medical record numbers, dates of birth,...

Read More
Clinic Worker Who Stole PHI Jailed for Five Years
Nov27

Clinic Worker Who Stole PHI Jailed for Five Years

A staff member at a clinic who stole the protected health information of mentally ill patients and sold the data to identity thieves for profit has fail in an appeal to get a five-year jail term lessened. Jean Baptiste Alvarez, aged 43, of Aldan, PA, obtained daily census sheets from the Kirkbride Center, a 267-bed behavioral health care facility located in Philadelphia. The census sheets included all the information required to steal...

Read More
Suspected UPMC Susquehanna Phishing Attack Exposes 1,200 Patients’ PHI
Nov23

Suspected UPMC Susquehanna Phishing Attack Exposes 1,200 Patients’ PHI

A network of hospitals and medical centers in Williamsport, Wellsboro and Muncy in Pennsylvania, called UPMC Susquehannam has revealed that the protected health information of 1,200 patients has possibly been accessed by unauthorized people. Access to patient information is thought to have been obtained after an worker replied to a phishing email. While information regarding the breach date have not been published, UPMC Susquehanna...

Read More
Blue Cross and Blue Shield of Florida Breach Impacts Almost 1,000 People
Nov22

Blue Cross and Blue Shield of Florida Breach Impacts Almost 1,000 People

Blue Cross and Blue Shield of Florida, dba Florida Blue, has announced to the public that the personally identifiable information of a small number of insurance applicants has been improperly accessed online. Florida Blue discovered to the exposure of patient data in late August 2017 and immediately initiated a review. Florida Blue reports that the showed that 475 insurance applications had been saved to the cloud by an unaffiliated...

Read More
Protenus November Breach Baromoter Highlight Internal Breaches
Nov21

Protenus November Breach Baromoter Highlight Internal Breaches

Following an unusually bad September, healthcare data breach incidents fell to more typical levels, with 37 breaches tracked in October according to the November 2017 Healthcare Breach Barometer Report from Protenus. The Protenus monthly summary of healthcare data breaches collates incidents reported to the Department of Health and Human Services’ Office for Civil Rights (OCR), and incidents made public using media outlets and tracked...

Read More
New Jersey Medical Practice has Boxes of Medical Records Stolen
Nov21

New Jersey Medical Practice has Boxes of Medical Records Stolen

Otolaryngology Associates of Central Jersey is making contact with patients to advise them of breach of their protected health information, following a theft at an off-site storage service in East Brunswick, NJ. The thieves removed thirteen boxes of paper medical records from the service, which included data like names, addresses, health insurance account numbers, birth dates, dates of military duty served, and the names of treating...

Read More
Contacts Stolen and Spear Phishing Emails Sent by Ursnif Trojan
Nov17

Contacts Stolen and Spear Phishing Emails Sent by Ursnif Trojan

The financial sector banking Trojan Ursnif, one of the most commonly experienced banking Trojans, has before been used to attack banking institutions. However, it seems the individuals behind the malware have expanded their horizons, with cyberattacks now being carried out on a wide variety of groups across many different sectors, including healthcare. The new strain of the Ursnif Trojan was found by researchers at security firm...

Read More
CyberAttack Infection Found by Catholic Charities of the Diocese of Albany
Nov10

CyberAttack Infection Found by Catholic Charities of the Diocese of Albany

The Catholic Charities of the Diocese of Albany (CCDA) was performing an upgrade of its computer security software during August when it found malware on its systems. The software was discovered to have been placed on one of the computer servers located at its Glens Falls office, which provided treatment to based patients in Saratoga, Warren and Washington Counties in New York. They acted quickly was taken to block access to the...

Read More
Ransomware Attack Affects: 8,750 Patients According to Aging Agency
Nov09

Ransomware Attack Affects: 8,750 Patients According to Aging Agency

East Central Kansas Area Agency on Aging (ECKAAA), an Ottawa-based body, has reported that a ransomware attack, resulting in the encryption of files on one of the agency’s servers, has exposed files containing the protected health information (PHI) of approximately 8,750 patients. The cyberattack happened on September 5, 2017 and was immediately located by ECKAAA, which took swift moves to limit the spread of the infection. Dues to...

Read More
NY AG Brings in Stop Hacks and Improve Electronic Data Security Act (SHIELD Act)
Nov08

NY AG Brings in Stop Hacks and Improve Electronic Data Security Act (SHIELD Act)

Aiming to protect New Yorkers from unwelcome breaches of their personal information, The Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) has been introduced into the legislature in New York by Attorney General Eric T. Schneiderman. It is hoped that this Act with ensure that those affected will be notified when such breaches are incurred. Sponsored by Senator David Carlucci (D-Clarkstown) and Assembly member Brian...

Read More
Breach of PHI at Texas Children’s Health Plan After Staff Member Sent Emails to Personal Account
Nov07

Breach of PHI at Texas Children’s Health Plan After Staff Member Sent Emails to Personal Account

A breach of HIPPA has occurred at the Texas Children’s Health Plan after it has been found that the protected health information (PHI) of 932 clients has been emailed to the personal private email account of a former member of staff. The violation of privacy was incident was first seen on September 21, 2017, although it was discovered that the former member of staff emailed the private data in November and December 2016. The emails...

Read More
New Variant of WannaCry Ransomware Detected in FirstHealth CyberAttack
Nov03

New Variant of WannaCry Ransomware Detected in FirstHealth CyberAttack

A new variant of the WannaCry ransomware has been detected in a cyber attack on FirstHealth of the Carolinas, a Pinehurst, SC-based not for profit health provider. WannaCry ransomware came to global attention in cybers attacks in May 2017. In excess of 230,000 computers were infected within one day of the worldwide attacks starting. The ransomware variant had wormlike features and was capable of spreading quickly and affecting all...

Read More
PHI of 8,000 Possibly Exposed in Following Office Break In
Nov02

PHI of 8,000 Possibly Exposed in Following Office Break In

An office break in and subsequent computer theft has lead to the possible exposing of the protected health information (PHI) of up to 8,000 clients of Brevard Physician Associates. has been exposed after a desktop computer was stolen in a burglary. The break in happened on Labor Day September 4, 2017 when Brevard Physician Associates business premises was closed. Thieves gained access to the offices early that morning and illegally...

Read More
Consolidated Inc. Data Breach Impacts 21,856 People
Oct29

Consolidated Inc. Data Breach Impacts 21,856 People

Nebraska-based CBS Consolidated Inc., operating as Cornerstone Business & Management Solutions, completed a routine audit of system logs on July 10, 2017 and found an unfamiliar account on the server. Closer inspection of that account showed it was being used to download sensitive data from the server, including the protected health information of patients that used its medical supplies. 21,856 people who received durable medical...

Read More
3,725 Veterans Have Their PHI Exposed Due to Missing Laptop
Oct27

3,725 Veterans Have Their PHI Exposed Due to Missing Laptop

A laptop computer, no longer in use, owned by the Mann-Grandstaff VA Medical Center (MGVAMC) in Spokane, WA, has gone missing, potentially leading to the exposure of sensitive patient data. The laptop was linked to a hematology analyzer and held data related to hematology tests. The laptop was in operation between April 2013 and May 2016, but was put out of use when the device became unusable. The laptop, which had been purchased from...

Read More
Data Breaches Drop For Second Consecutive Month
Oct26

Data Breaches Drop For Second Consecutive Month

The latest report of the Breach Barometer from Protenus/Databreaches.net Healthcare shows that data violations have dropped for the second consecutive month, according to . In August, there were 33 reported healthcare data violations, down from 36 incidents in July and 56 in June. While the drop int he number of data breaches is encouraging, that is still more than one healthcare data breach per day. While it was the second best month...

Read More
Multiple Security Weaknesses in Alabama’s Medicaid Management Information System OIG Identified
Oct24

Multiple Security Weaknesses in Alabama’s Medicaid Management Information System OIG Identified

The HHS’ Office of Inspector General (OIG) has completed an audit of Alabama’s Medicaid data and information systems to adetermine whether the state was in compliance with federal regulations. The review included the Medicaid Management Information System (MMIS) and associated policies and processes. OIG also carried out a vulnerability scan on networked devices, databases, websites, and servers to identify vulnerabilities that could...

Read More
PHI of 10,500 Patients Found in Illinois Basement
Oct18

PHI of 10,500 Patients Found in Illinois Basement

The medical history of more than 10,000 patients have been discovered in a basement in Aurora, Illinois. The documentation was located at the house, rented from Naperville-based psychiatrist Dr. Riaz Baber, M.D., by the woman who rented it. The files had been stored in the basement for at least 4 years. The female tenant, Barbara Jarvis-Neavins, claims that she was given access to the basement by the psychiatrist’s wife when workmen...

Read More
51,000 Plan Subscribers Hit by Network Health Phishing Attack
Oct16

51,000 Plan Subscribers Hit by Network Health Phishing Attack

Network Health has advised 51,232 of its plan subscribers that some of their protected health information (PHI) has possibly been accessed by unauthorized people. In August 2017, some Network Health Wisconsin-based employees received sophisticated phishing emails. Two of those staff members responded to the scam email and divulged their login credentials to the attackers, who used the details to gain access to their private email...

Read More
Hacking Group ‘The Dark Overlord’ Attacks Another Healthcare Organization
Oct09

Hacking Group ‘The Dark Overlord’ Attacks Another Healthcare Organization

After a seemingly prolonged period of inactivity, the hacking group TheDarkOverlord has revealed another attack on a U.S. healthcare supplier, Mass-based SMART Physical Therapy (SMART PT). The hack reportedly happened on September 13, 2017, with the announcement of the data theft released by TDO on Twitter on Friday 22, 2017.  No details were given as to how access to the data was gained, although it was revealed to databreaches.net...

Read More