Multiple Data Breaches Reported
There has been a number of healthcare data breaches made known to the HHS’ Office for Civil Rights (OCR) during the past few weeks. AffordaCare Urgent Care Clinics in Texas was attacked with Maze Ransomware. A report on DataBreaches.net revealed that the cybercriminals obtained 40GB of data prior to encrypting files. Some of the stolen data was published online when AffordaCare refused to pay the ransom. It is not yet known how many...
Data Breaches Reported at LifeSprk & University of Utah Health
LifeSprk is making contact with 9,000 of its account holders to inform them that a a limited amount of their protected health information may have been illegally accessed or stolen due to a November 2019 phishing attack. On January 17, 2020, the Minnesota-based senior care provider became aware that an unauthorized person had illegally accessed the email account of one of its staff members. The account was quickly secured and a...
Email Security Breaches at Relation Insurance & Rainbow Hospice Care
Relational Insurance Inc., an insurance brokerage company operating as Relation Insurance Services of Georgia (RISG), suffered an email security breach in August 2019. An unauthorized person was discovered to have obtained access to the email account of an employee and possibly accessed or copied emails that included protected health information (PHI). The breach was discovered on August 15, 2019 when suspicious activity was noticed...
Vulnerability in Walgreens Mobile App Secure Messaging Feature Made PHI Accessible
Walgreens has started contacting customers to make them aware that a portion of their protected health information may have been accessed by unauthorized individual due to an error in the personal secure messaging feature of the Walgreens mobile app. The secure messaging app includes a feature that allows registered customers to manage and receive SMS prescription refill notifications and deals and coupons. A vulnerability in the app...
Final Approval Given for Quest Diagnostics 2016 Data Breach Settlement
A federal judge has given final approval to a settlement in a class action lawsuit filed against the New Jersey-based medical laboratory firm, Quest Diagnostics Inc., in relation to its 2016 data breach. The $195,000 settlement will see up to $325 compensation made available for each person impacted by the breach. On November 26, 2016 hackers obtained access to the Care360 MyQuest mobile app that is used by patients to store and share...
First HIPAA Penalty of 2020 Announced by HHS’ Office for Civil Rights
The first HIPAA penalty of 2020 has been announced by the Department of Health and Human Services’ Office for Civil Rights (OCR) and has been sanctioned against the medical practice of Steven A. Porter, M.D. The practice has agreed to pay a fine of $100,000 to resolve possible breaches of the HIPAA Security Rule and will implement a corrective action plan to tackle all areas of noncompliance discovered during the compliance audit. Dr....
Physician Network Affiliated with Boston Children’s Hospital Impacted by Malware Attack
On Monday, February 10, 2020, Pediatric Physicians’ Organization at Children’s (PPOC), a physician group that works with Boston Children’s Hospital, suffered a malware attack that led to a system outage which stopped its 500+ pediatricians, nurse practitioners, and physician assistants from viewing patient data and scheduling appointments. PPOC has around 200 servers, 11 of which were affected by the attack. IT teams at PPOC and...
2020 Healthcare Data Breach Report
Protenus has released its 2020 healthcare data breach report which shows the past 12 months have been the worst ever in terms of the number of reported breaches. For its 2020 Breach Barometer report, Protenus, in conjunction with databreaches.net, identified more than 572 healthcare data breaches of 500 or more records in 2019, up 48.6% compared to 2018. The number of data breaches affecting the healthcare industry has increased...
30,000 Patients Impacted by Fondren Orthopedic Group Malware Attack
Fondren Orthopedic Group, an association of private orthopedic surgery practitioners in Houston and the surrounding areas, experienced a cyberattack that affected certain parts of its IT system on November 21, 2019. In a substitute breach notice published on its website, the incident was referred to as a malware attack that damaged the medical records of specific patients. Quick action was taken to limit the infection and its systems...
16,167 Patients Hit by Hospital Sisters Health System Email Breach
Hospital Sisters Health System has recently found out that an email security breach in August 2019 led to unauthorized people obtaining access to emails and email attachments that included the protected health information of 16,167 patients. Hospital Sisters Health System is a 15-hospital health network serving patients in Illinois and Wisconsin. Between August 6, 2019 and August 9, 2019, unauthorized people obtained access to the...
Phoenix Children’s Hospital & New York Nursing Center Impacted by Phishing Incident
A business email compromise (BEC) attack has impacted Village Center for Care dba VillageCare Rehabilitative and Nursing Center (VRNC) and Village Senior Services Corporation dba VillageCareMAX (VCMAX). BEC attacks involve the impersonation of an executive, either using the executive’s actual email account compromised in a previous attack, or by spoofing the executive’s email address. An unauthorized person, pretending to be part of...
30,000 Patients Affected After Malware Corrupts Medical Records
On November 21, 2019, Fondren Orthopedic Group, an association of private orthopedic surgery practitioners located in Houston and the surrounding areas, were hit by a cyberattack that impacted specific elements of its IT system. In a substitute breach notice published on its website, the incident was referred to as a malware attack that damaged the medical records of specific patients. Swift action was taken to limit the infection and...
Florida and Texas Healthcare Providers Report Ransomware Attacks
One of the most recent developments in the world of cyber crime to the tactic of threat actors to deploy ransomware to encrypt files to stop data access, but also to obtain data and threaten to publish or sell on the stolen data if the huge ransom demands are not met. This new tactic aims at growing the chance of finding victims paying the ransom. The Center for Facial Restoration in Miramar, FL, is one of the biggest healthcare...
DHS: Citrix Vulnerability Being Exploited Still
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released an alert in relation to a recently discovered flaw in the Citrix Application Delivery Controller and Citrix Gateway web server appliances. The vulnerability, referred to as CVE-2019-19781, can be exploited via the internet and can make remote execution of arbitrary code on vulnerable appliances possible. The flaw, when exploited,...
False Allegations of HIPAA Violations Result in Georgia Man Being Charged
Following the discover of a complex scheme to set up an acquaintance in relation to breaches violations of the Health Insurance Portability and Accountability Act (HIPAA), a Georgia man has been charged. The man in question, 43-year-old Jeffrey Parker, claimed that he was a whistleblower reporting HIPAA breaches committed by a nurse.Mr Parker made the breaches known to the hospital where the person was employed, and official...
Phishing Attack Leads to Second Lawsuit Against Kalispell Regional Healthcare
A second lawsuit has been submitted against Kalispell Regional Healthcare in Montana in relation to a May 2019 phishing attack that resulted in the email accounts of some of its employees accessed by hackers. Kalispell Regional Healthcare became aware of the breach on August 28, 2019. The investigation showed that the hackers gained access to staff email accounts on May 24, 2019 and potentially accessed patient data. A forensic...
Three-Year Insider Breach Discovered at North Ottawa Community Health System
North Ottawa Community Health System (NOCH) has become aware that a staff member at North Ottawa Community Hospital in Grand Haven, MI, viewed the medical records of patients without authorization over a period of three years. This issue was brought to the attention of the health system on October 15 by another employee. A review into the alleged inappropriate access was initiated on October 17 and the employee was suspended pending...
Up to 15 Million Individuals Potentially Affected by Ransomware Attack on Medical Testing Firm
LifeLabs, one of the largest medical testing and diagnostics firms in Canada, has been attacked with ransomware. The attack is believed to have occurred on or before November 1, 2019, although the cyberattack has only recently been announced. After careful consideration, the decision was taken to pay the ransom to recover customer data. The payment was made through a company that specializes in dealing with ransomware attacks. The...
The Cancer Center of Hawaii Delayed Radiation Therapy for Patients Due to Ransomware Attack
A ransomware attack took place, on November 5, 2019, on the Cancer Center of Hawaii in Oahu. The attack meant that the Cancer Center to close down its network servers, which meant it was temporarily stopped from providing radiation therapy to clients at Pali Momi Medical Center and St. Francis’ hospital in Liliha. While patient services suffered some disruption, no patient information is thought to have been accessed by the hackers....
$85,000 HIPAA Right of Access Failures Results in Financial Penalty for Korunda Medical
The Department of Health and Human Services’ Office for Civil Rights has revealed its second enforcement action as part of its HIPAA Right of Access Initiative. Florida-based Korunda Medical has agreed to settle potential fines for the HIPAA Right of Access and will implement a corrective action plan and bring its policies and procedures in line with the obligations of the HIPAA Privacy Rule. In March 2019, OCR was submitted with a...
Zeppelin Ransomware Used to Attack MSPs, Technology, and Healthcare Companies
Security researchers at Blackberry Cylance have identified a new variant of Buran ransomware which is being used in targeted attacks on technology and healthcare companies in Europe and the United States. The new ransomware variant was first detected on November 6, 2019. It is written in Delphi and is a member of the VegaLocker and Buran ransomware family. It is believed to be distributed under the ransomware-as-a-service model. The...
80,000 Patients of Southeastern Minnesota Oral & Maxillofacial Surgery Impacted in Ransomware Attack
Southeastern Minnesota Oral & Maxillofacial Surgery (SEMOMS) has made it public that a ransomware may have impacted the protected health information of almost 80,000 patients. The attack was first discovered on September 23, 2019. The IT team reacted quickly and secured the compromised server so as to restore the encrypted data. It is not known whether the ransom was paid or if the IT team was able to bring the server back online...
100 Dental Practices Affected by Ransomware Attack on Managed Service Provider
An Englewood, CO-based Complete Technology Solutions (CTS) Colorado IT firm that specializes in supplying managed IT services to over 100 dentist practices has been infiltrated as part of a ransomware attack. Indications are that attack was initiated at the end of November. KrebsonSecurity published a report that revealed CTS was sent request for $700,000 in ransom money. This payment was to be made in order for the keys to unlock...
Cheyenne Regional Medical Center Experiences Phishing Attack
Cheyenne Regional Medical Center in Wyoming has recently became aware that patient data may have been illegally obtained due to a phishing attack identified in April. The medical center was made aware of a potential security breach following the detection of suspicious activity related to staff payroll accounts on or around April 5, 2019. Around a week later, the medical center discovered that employee email accounts had been...
Sunrise Community Health and Katherine Shaw Bethea Hospital Suffer Phishing Attacks
Evans, CO-based Sunrise Community Health has learned that the email accounts of several staff members were compromised due to employees responding to phishing emails. The email accounts were accessed by unauthorized people between September 11, 2019 and November 22, 2019. Assisted by third party company of computer forensics experts, Sunrise Community Health determined on November 5, 2019 that the infiltrated email accounts included...
Ransomware Attack on IT Company Impacts more than 100 Dental Practices
More than 100 dental practices have had essential files encrypted as a result of a ransomware attack on an IT service provider. On November 25, 2019, the Englewood, Colorado-based IT firm Complete Technology Solutions (CTS) was attacked and its data was encrypted by Sodinokibi ransomware, aka rEvil. The firm was reportedly issued with a ransom demand of $700,000 in cryptocurrency for the keys to unlock the encrypted files. The firm...
Ransomware Attack Impacts 107,000 Ferguson Medical Group Patients
Saint Francis Healthcare System has revealed that the computer network of Ferguson Medical Group has been hit by a ransomware attack. The attack took place on September 21, 2019, before Saint Francis Medical Center purchased the Sikeston, MO-based medical group. Saint Francis Healthcare became aware of the ransomware attack on September 21. A notice published on the Saint Francis Healthcare website, the hackers succeeded in encrypting...
9,800 Employee Records Potentially Accessed Without Authorization at Former Aegis Medical Group
The Florida physician network, Aegis Medical Group, has begun contacting 9,800 patients to advise them that their protected health information may have been obtained and viewed by a former employee. That individual is thought to have tried to sell patient records to third parties thought to have been participating in identity theft and fraud. Aegis Medical Group was contacted by law enforcement agencies on September 11, 2019 in...
UNC Chapel Hill School of Medicine and Starling Physicians Report Phishing Attacks
University of North Carolina Chapel Hill School of Medicine has been hit by a phishing attack in which the protected health information of 3,716 patients has potentially been obtained by unauthorized individuals. A review by third-party forensics experts revealed that a number of employee email accounts were compromised between May 17, 2018 and June 18, 2018. It is not obvious when the security breach was first detected. The range of...
California Addiction Treatment Center Hit by Cyber Attack
An AWS S3 storage bucket owned by Sunshine Behavioral Health, LLC, a San Juan Capistrano, CA-based organization of drug and alcohol addiction rehabilitation centers, has been misconfigured, leading to the exposure of sensitive patient information. The misconfigured AWS S3 bucket was first reported to databreaches.net in August 2019. Sunshine Behavioral Health was contacted and the bucket was secured; however, the data exposure does...
Loyola Medicine and Main Street Clinical Associates Report PHI Theft Incidents
Main Street Clinical Associates, PA., in Durham, NC has contacted certain patients that some of their protected health information was stored on devices that were illegally taken from its offices. The theft took place when the Main Street offices had been evacuated due to a bad gas explosion. Workers at the office were ordered to evacuate the building on April 10, 2019 following an explosion in an nearby building. Files and equipment...
Business Associate Phishing Attack Impacts TennCare and Florida Blue Members
More healthcare organizations have revealed they have been impacted by a data breach at Magellan Health National Imaging Associates, a business associate of several HIPAA-covered groups that supply managed pharmacy and radiology benefits services. Danville, PA-located Geisinger Health Plan revealed last month that 5,848 of its account holders had been impacted by the breach and Albuquerque, NM-based Presbyterian Health Plan has...
Kalispell Regional Healthcare Contacts 140,209 Patients About Phishing Attack
Kalispell Regional Healthcare, located in Montana, is currently getting in touch with around 140,000 patients that some of their protected health information (PHI) was potentially impacted in a security breach over the summer. Kalispell Regional Healthcare runs Kalispell Regional Medical Center, a 138-bed hospital in Kalispell, MT. The breach has impacted the majority of its patients. The breach impacted Kalispell Regional’s email...
Millions of Patients’ Sensitive Data Found to be Accessible via the Internet
Due to the failure of nine companies to secure their medical databases, the sensitive health information of millions of patients has been exposed over the internet. The exposed patient data was found by security experts at WizeCase. The research team, headed by Avishai Efrat, used publicly available tools to search for exposed data that could be obtained without the need for any usernames or passwords. The firm then provides...
15,982 South Texas Dermatopathology Patients Contacted in Relation to AMCA Data Breach
South Texas Dermatopathology is the most recent victim of the data breach at American Medical Collection Agency (AMCA) to make the breach known to the Department of Health and Human Services Office for Civil Rights (OCR) and alert impacted patients. The breach was published on the OCR breach portal on October 7, 2019 and indicates 15,982 patients have been impacted. AMCA was a business associate of the San Antonio, TX-located medical...
Shared Network Drives Expose Thousands of Veterans’ Records
A report published by the Department of Veteran Affairs’ Office of Inspector General (VA OIG) audit has revealed that Internal Department of Veteran Affairs (VA) communications, disability claims, and the health information of thousands of veterans have been exposed and could possibly have been accessed by VA employees authorized to view the data. VA OIG completed an audit of the VA’s Milwaukee Regional Office following a call from a...
Healthcare Data Breach Report for September 2019 Published
36 healthcare data breaches of more than 500 records were reported to the Department of Health and Human Services’ Office for Civil Rights, during September, a 26.53% drop in the number of breaches from August. 1,957,168 healthcare records were illegally accessed in those breaches, a rise of 168.11% from August. The massive rise in the number of breached records is largely down to four reported incidents, each of which included...
Major Disruption to Patient Services at Campbell County Health due to Ransomware Attack
Campbell County Health in Gillette, WY, has experienced a ransomware attack that has shut down hospital systems and is preventing access to patient data. The attack took place in the early hours of Friday September 20, 2019 according to the Department of Health. An investigation into the attack has been initiated and attempts are ongoing to remove the ransomware, restore encrypted files, and bring systems back online; however, at the...
Phishing Attack on Ramsey County Impacts 117,905 Individuals
Ramsey County has revealed that a phishing attack that took place in August 2018 impacted a great many more individuals than first thought. The victim count has been revised to 117,905 from 599. The original breach report stated the email accounts of 26 staff members were compromised in a phishing attack that took place around August 9, 2018. The attack was identified quickly and the affected accounts were locked down. The individuals...
Phishing Attacks at Magellan Health Subsidiaries Impact 56,226 Presbyterian Health Plan Subscribers
Magellan Health, based in Scottsdale, Arizona, has revealed that discovered two of its subsidiaries have experienced phishing attacks that exposed the protected health information of members of Albuquerque, NM-based Presbyterian Health Plan. The phishing attacks were identified by National Imaging Associates and Magellan Healthcare, which both supply services to Presbyterian Health Plan. Both incidents were reported to the Department...
First HIPAA Violation Case Under 2019 Right of Access Initiative Settled by OCR
Earlier in 2019, the Department of Health and Human Services’ Office for Civil Rights (OCR) revealed that one of the main focuses of HIPAA enforcement in 2019 would be HIPAA right of access failures, including untimely responses to access requests and overcharging for copies of medical data. The HIPAA right of access permits patients to obtain copies of their medical records on request. HIPAA-covered entities must honor those requests...
UC Health Phishing Attack Affects Multiple Email Accounts
University of Cincinnati Health (UC Health) is looking into a security breach that saw the email accounts of multiple employees accessed by an unauthorized person The attack took place between July 6 and July 12, 2019 and involved ‘a limited number’ of employee email accounts. A review of the compromised email accounts revealed they included patients’ names, birth dates, medical record numbers, and some clinical data. A deep dive...
13,905 Patients Targeted in Artesia General Hospital Phishing Attack
Artesia General Hospital, located in Artesia New Mexico, has stated that protected health information (PHI) of 13,905 patients has been illegally accessed in a planned phishing attack. The breach was discovered when an employee’s email account was seen to have been used to send unauthorized emails. The breach was first noticed on June 18, 2019 and the forensic analysis revealed the account had been accessed by an unauthorized person...
PHI of 183,000 Patients Exposed in Phishing Attack on Presbyterian Healthcare Services
The Albuquerque, NM-based not-for-profit health organization Presbyterian Healthcare Services, has suffered a phishing attack that resulted in the email accounts of several workers subjected to unauthorized access. The phishing attack was noticed by Presbyterian Healthcare Services during June 6, 2019. The breach investigation showed the email accounts were infiltrated a month earlier, on or around May 9, 2019. Upon identification of...
3,000 Records Potentially Compromised in Rhode Island Healthcare Attack
Rhode Island Ear, Nose and Throat Physicians Inc. (RIENT) is contacting 2,943 patients to make them aware that some of their health information was saved on a server which was subjected to unauthorized access on June 19, 2019 when a hacker obtained access to its databases. The breach was discovered the same day and the network was safeguarded. An external computer forensics firm was contracted to assist with the investigation and help...
10,000 Patients Have Personal Data Impacted in Massachusetts General Hospital Breach
Massachusetts General Hospital (MGH) has identified that computer applications used by security experts in its Department of Neurology have been infiltrated using unauthorized access. The individual to blame would have been able to access the protected health information of around 10,000 patients. MGH discovered the breach on June 24, 2019 and quickly shut down access to the applications and databases. An investigation was initiated,...
Researchers Provide Insights into Motivations Behind Healthcare Cyberattacks
A new report from FireEye provides insights into the motivations behind cyberattacks on U.S. healthcare organizations. The report shows patient information is not the only type of sensitive data being sought. There has been a marked increase in cyberattacks on cancer research institutes and medical institutions for the research data they hold. The attacks are being conducted by Advanced Persistent Threat (APT) groups affiliated to...
Data Breach Exposes Medical Records of Western Connecticut Health Network Patients
Nuvance Health has started getting in touch with certain Western Connecticut Health Network (WCHN) patients to make them aware that some of their protected health information has been exposed. On June 11, 2019, WCHN sent a box of medical records to the Connecticut State Department of Public Health. The package was sent using the U.S. Postal Service (USPS), but the package was harmed while on the move, exposing the contents of the...
Washington Hospital Hit with $1m Ransom Demand
A ransomware attack on an Aberdeen, WA-hospital and associated clinics is still wreaking havoc over two months after the initial attack took place. The cybercriminals have requested $1 million for the keys to unlock the encryption on the captured data. On June 15, 2019, Grays Harbor Community Hospital started noticing IT problems. The attack happened on a Saturday when staffing numbers were low so, at first, the problem was put down...
Lost Thumb Drive was used to Store PHI of Renown Health Patients
Renown Health, the largest healthcare supplier in Northern Nevada, has started getting in touch with certain patients to make them aware that some of their protected health information (PHI) may have was accessible.Patient information was held in files on a portable storage device (thumb drive) identified as missing on June 30, 2019. An extensive search of the facility was conducted but the thumb drive could not be found. An...
2019: A Particularly Bad Year for Healthcare Data Breaches
Cyberattacks on healthcare organizations have continued to increase throughout the first half of 2019 and this year has seen the discovery of the second largest healthcare data breach ever reported. American Medical Collection Agency experienced a cyberattack in which the records of more than 20 million patients were exposed and potentially stolen. It should be no surprise to hear that in terms of both the number of healthcare data...
AMCA Breach Impacts 2.2 Million Patients of Clinical Pathology Laboratories
It has recently been discovered that the protected health information (PHI) of approximately 2.2 million of patients of Clinical Pathology Laboratories in Texas may have been infiltrated in the data breach at American Medical Collection Agency (AMCA). AMCA supplies debt collection services to many healthcare firms, which necessitates access to the PHI of patients with outstanding bills. A cyberattack on the AMCA payment website...
AMCA Data Breach Total Nears 25 Million
The number of healthcare providers confirmed to have been affected by the American Medical Collection Agency (AMCA) data breach has continued to grow over the past week. To date, 18 healthcare providers have made announcements that the protected health information they provided to AMCA has been exposed. AMCA is a collection agency that works with several healthcare organizations and recovers unpaid medical bills. In March 2019,...
25,000 Adirondack Health Patients Hit by Email Account Hack
Vermont-based Adirondack Health is getting in touch with around 25,000 patients that some of their protected health information has potentially been obtained by a cyber criminal. Information such as patients’ names, dates of birth, Medicare ID numbers or health insurance member numbers, and limited treatment and/or clinical information. A smaller subset of patients also had their Social Security number accessible. Adirondack Health is...
14,591 DHS Patients have PHI Compromised in Phishing Attack on California Business Associate
Nemadji Research Corporation, an outfit working with California Reimbursement Enterprises, has revealed that an unauthorized person obtained access to the email account of a staff emmber and may have viewed or copied the protected health information (PHI). California Reimbursement Enterprises is a business associate of several healthcare centers and hospitals in California and operates to provide a patient eligibility and billing...
Tennessee Hospice Phishing Attack may have Impacted Sensitive Data
A provider of end-of-life care, palliative care, bereavement support and community education based in Alive Hospice in Nashville, Tennessee has revealed that the email account of a staff member was infiltrated during May 2019. On May 6, 2019, suspicious activity was noticed in a staff member’s account. The password for the account was quickly amended and an investigation was launched into the cause of the violation. The...
Unauthorized Use of PHI as Teaching Tool Leads to Legal Action by Student
A medical student at Marshall University is suing the institution, along with Cabell Huntington Hospital, in relation to the unauthorized sharing of some of his protected health information (PHI) to a class of students. The student, who is referred to only as as J.M.A in the lawsuit, alleges that his x-rays were used as a teaching tool by a professor at Marshall University Joan C. Edwards School of Medicine, but information...
California and Illinois Clinics Discover Ransomware Attacks
Quantum Vision Centers and Eye Surgery Center patients located in Illinois are being contact to make them aware that some of their protected health information may have been illegally obtained in an April 2019 ransomware attack. An unauthorized person obtained access to certain Quantum systems and deployed ransomware on April 18, 2019. The ransomware encrypted files, some of which included data such as names, dates of birth,...
645,000 Clients of Oregon Department of Human Services Alerted Regarding Phishing Breach
The Oregon Department of Human Services (ODHS) is making contact with 645,000 clients to advise them that some of their personal information may have been compromised due to a phishing attack.The targeted attack kicked off on January 9, 2019 and lead to 9 ODHS employees clicking on links in emails and disclosing their login details. ODHS and the Department of Administrative Services Enterprise Security Office noticed the breach on...
Two Maryland Healthcare Providers Affected by Potential Breach at Meditab Software
In Maryland two healthcare providers have been impacted by a possible data breach that took place at their business associate, Meditab Software Inc.Meditab supplies EMR and practice management software to healthcare providers and its systems include patient data. In March 2019, Meditab found some protected health information (PHI) had been left unsecured. Meditab had established a portal to view statistics for its Fax Cloud services....
Phishing Breach Notifications Sent to 645,000 Clients of Oregon Department of Human Services
The Oregon Department of Human Services (ODHS) is making contact with 645,000 clients to advise them that a portion of their personal information was possibly impacted due to a phishing attack. The phishing attack took place beginning on January 9, 2019 and lead to nine ODHS members of staff visiting links in emails and disclosing their login details. ODHS and the Department of Administrative Services Enterprise Security Office...
Misconfigured ElasticSearch Server at University of Chicago Medicine Exposed Over 1.68M Records
It has been revealed that University of Chicago Medicine has discovered more than 1.68 million of its records have been exposed due to a misconfigured server. The records were saved on a misconfigured ElasticSearch server which had mistakenly had protections removed allowing it to be accessed over the internet without the requirement for any authentication. The misconfiguration permitted a database to be accessed which included...
AMCA Breach Affects Almost 7.7 Million Patients
After reports that the data breach at American Medical Collection Agency (AMCA) impacted the records of 11.9 million Quest Diagnostics patients, comes revelation that another healthcare company that has been impacted by the breach. On June 4, 2019, LabCorp, a different nationwide group of blood testing centers, announced that 7.7 million people whose blood samples were processed by the company may have had their sensitive information...
LabCorp Impacted by AMCA Data Breach: Up to 7.7 Million Customers Affected
A day after Quest Diagnostics confirmed 11.9 million of its customers have been affected by a cyberattack on American Medical Collection Agency (AMCA) comes news that a rival network of blood testing laboratories has also been impacted. LabCorp also uses AMCA’s billings collection services and the data of its customers has also been exposed. In a recent U.S. Securities and Exchange Commission (SEC) filing, LabCorp states that it...
Sensitive Information of 11.9 Million Quest Diagnostics Patients Compromised
Quest Diagnostics, one of the leading medical laboratories and blood testing companies in the United States, has been affected by a data breach at one of its vendors. That breach has resulted in the exposure and potential theft of almost 12 million individuals’ personal, medical, and financial information. According to a recent U.S. Securities and Exchange Commission (SEC) filing, Quest Diagnostics was notified of a data breach at the...
Medical Informatics Engineering Settles HIPAA Violation Cases for $1 Million
The electronic medical record software company Medical Informatics Engineering (MIE) has agreed to settle its HIPAA compliance violation case with the U.S. Department of Health and Human Services’ Office for Civil Rights for $100,000 and has agreed to pay $900,000 to resolve a multi-state action filed by state attorneys general over a 2015 data breach. MIE experienced a data breach on May 7, 2015 when hackers gained access to a server...
PHI Uploaded to Unapproved and Unsecured Cloud Service Used by UMC Physicians
UMC Physicians, based in Lubbock, is contacting patients of UMC Southwest Gastroenterology to make them aware that some of their protected health information has been exposed due to errors of judgement by two of its employed providers. Those suppliers had each set up a Google shared drive which was used to track follow up jobs related to the provision of care to patients. While the shared drives were set up with good aims and were...
Verity Health’s St. Vincent Medical Center Reports Phishing Attack
St. Vincent Medical Center, a part of Verity Health System, has announced a staff email account has been hacked following a response to a phishing email. The breach took place on March 15, 2016 and involved the email account of a hospital pathologist. The account compromise was discovered on March 26 and the account was secured within hours. During the period of time time that the unauthorized individual had access to the account, it...
1,100 Spectrum Health Lakeland Patients Affected by Phishing Attack
Spectrum Health Lakeland has revealed that a breach, the second the group has suffered in as many months, has exposed the protected health information (PHI) of some of its clients. The previous breach took place at Wolverine Services Group and affected around 60,000 of its patients. The latest incident involved an unauthorized person obtaining access to an email account due to the response to a phishing email. As was the case with the...
Extensive HIPAA Failures Lead to $3 Million Fine for Touchstone Medical Imaging
The Department of Health and Human Services’ Office for Civil Rights (OCR) has revealed that a settlement has been agreed between with the Franklin, TN-based diagnostic medical imaging services firm, Touchstone Medical Imaging. The settlement resolves many breaches of HIPAA Rules identified by OCR during the review of a 2014 data breach. Touchstone Medical Imaging has agreed to a settlement of $3,000,000 in relation to the violations...
Chinese Nationals Charged over 78.8 Million-Record Anthem Inc Hack
The U.S. Department of Justice has announced that two Chinese nationals have been charged over the 2015 hacking of Anthem Inc., and three other cyberattacks on U.S. businesses. In February 2015, Anthem Inc., discovered its systems had been infiltrated. Further investigation revealed the records of 78.8 million plan members had been stolen in what was, and still is, the largest healthcare data breach ever to be discovered. On Thursday,...
American Baptist Homes of the Midwest Reports Ransomware Attack
American Baptist Homes of the Midwest (ABHM), a supplier of assisted living and assisted care centers around the U.S Midwest, has reported a security breach involving the use of ransomware on its systems. The attack began on or around March 10, 2019. The attack was detected quickly, but only after the encryption routine had kicked off. The attack was disabled and affected accounts were secured, but not in time to prevent widespread...
Bodybuilding.com Data Breach Impacts 3,193 Employees
The bodybuilding and personal fitness website Bodybuilding.com has revealed it has had to deal with a security incident that may have lead to the information of customers and employees being accessed by unauthorized people. While the breach affecting customers was not a reportable incident under HIPAA, HIPAA does cover group health plans. As such, bodybuilding.com was required to report the breach of group members’ PHI to the Office...
Delayed Breach Response Costs Tennessee Medical Imaging Firm $3 Million
It is not possible to prevent all healthcare data breaches, but when a breach is experienced it must be investigated and mitigated promptly. Delaying the breach response and notifications can prove extremely costly, as the Tennessee medical imaging firm Touchstone Medical imaging discovered. On May 9, 2014, Touchstone Medical Imaging was notified by the FBI that an FTP server had been left unsecured. At the same time, the HHS’ Office...
PII of 137,000 Individuals Discovered in Unsecured Elasticsearch Database
An unsecured Elasticsearch database containing the personally identifiable information of approximately 137,000 people has been exposed over the Internet. The database was discovered by security researcher Jeremiah Fowler, who determined that the data belonged to the medical emergency evacuation service provider SkyMed. Fowler discovered the security settings for the database had not been correctly configured and the database could be...
Business Associate Phishing Attack Impacts PHI of 17,531 Patients
Women’s Health USA Inc., an Avon, CT-based business associate that supplies a range of practice management services to healthcare groups, has suffered a phishing attack that has lead to the exposure of patients’ protected health data. A review was initiated following the discovery of suspicious activity within specific employee email accounts. The targeted email accounts were safeguarded, and a leading cybersecurity firm was engaged...
Biggest Malware Threats in Healthcare Revealed
A recent report from Malwarebytes has revealed Trojans are the biggest malware threat. Trojans account for 79% of all malware detected on healthcare systems by Malwarebytes. The Emotet Trojan is the leading malware variant, accounting for 37% of all detected Trojans. While the Emotet Trojan was once just a banking Trojan concerned with obtaining credentials to online bank accounts, it has since evolved to include a wide range of...
Medical Billing Service Provider Suffers Ransomware Attack 7 Months After Computer Breach
Massachusetts-based supplier of medical billing services Doctors’ Management Service Inc. noticed that malicious software had been downloaded to its network which stopped files from being accessed on December 24, 2018 A review into the security incident was initiated which found GandCrab ransomware had been deployed. Files were rescued from backups and no ransom was paid. The review also found that the individual responsible for...
EmCare Phishing Attack Exposes 60,000 Records
The Dallas, TX-based physician staffing company EmCare has revealed that it has been impacted by a data breach that has impacted around 60,000 individuals, 31,000 of whom were patients. The exposed data was detailed in emails and email attachments in employee email accounts that were accessed by an unauthorized person after several employees responded to phishing emails and disclosed their email details. It is unclear from Emcare’s...
11,639 Individuals Impacted by Riverplace Counseling Center Malware Attack
Riverplace Counseling Center in Anoka, MN, has revealed that malware was discovered on its systems which may have allowed unauthorized individuals to obtain access to patients’ protected health information. The malware infection was first noticed on January 20, 2019. The counseling center brought in an IT firm to conduct a forensic analysis, remove the malware, and restore its systems from backups. The analysis process was completed...
Servers Compromised and Virus Deployed at Centrelake Medical Group
Centrelake Medical Group, a group of 8 medical imaging and oncology clinics in California, is notifying a number of patients that some of their protected health information has been exposed due to of a computer virus. The computer virus was identified in February 2019 when it stopped the medical group from accessing its files. The virus seems to be a form of ransomware, although no mention of ransomware or a ransom demand was made in...
$4.7 Million Settlement Agreed in Washington State University Data Breach Class Action Lawsuit
In the past few days a $4.7 million settlement has been approved by the King County Superior Court to reimburse individuals whose personal information was stolen from Washington State University in April 2017. Washington State University had backed up personal information on external hard drives which were saved in a safe in a self-storage locker. On April 21, 2017, the university discovered a break-in had taken place at the storage...
Pharmaceutical Giant Targeted in Long-Term Cyber Espionage Campaign
The German pharmaceutical giant Bayer has announced that it has been targeted by hackers who installed malware on its network. The attack was contained, but the malware was not removed for months. Instead, Bayer has been observing the malware in an attempt to determine the ultimate goal of the attack and the identity of the threat actors behind the campaign. The malware was installed on its network in early 2018. The affected systems...
UW Medicine Exposes 1m Patients’ PHI by Removing Security
Around 974,000 patients of UW Medicine have had their PHI exposed online due to the accidental disabling of protections on a website server. The error led to sensitive internal files being indexed by search engines. Sensitive patient information was accessible using Internet searches without any need for authentication. The Seattle-based group noticed a vulnerability on a website server on December 26, 2018, following being contacted...
Sharecare Health Data Services Issues Alert 8 Months After Breach Discovery
Sharecare Health Data Services (SHDS), a San Diego firm that provides secure electronic exchange and medical records management services for healthcare groups, has contacted some of its clients to advise them that hackers gained access to parts of its systems that contained sensitive patient data. SHDS discovered abnormal network activity on June 26, 2018, leading to an in-depth investigation. The investigation showed cyber criminals...
16,440 Patients Affect by Breach at Kentucky Counseling Center
Kentucky Counseling Center (KCC) has uncovered a list of 16,440 clients has been illegally taken and shared with another person. A current member of staff is thought to have accessed and copied patient information without authorization, uploading the data to an anonymous file sharing service, and then sending a hyperlink to the list to a former staff member of KCC. The former staff member was sent the link to the patient list on...
Milestone Family Medicine Data Breach Made Known to St. Francis Patients
Bon Secours St. Francis Health System is getting in touch with patients in relation to a security breach that may have led to some of their protected health information (PHI) being viewed/accessed by unauthorized actors who obtained access to the systems of Milestone Family Medicine in Greenville, SC. Milestone Family Medicine was connected with St. Francis Physicians Services (SFPS) until February 24, 2019, and had previously worked...
PHI Incident at Rush University Medical Center Impacts up to 45,000 Patients
Rush University Medical Center is contacting around 45,000 patients to advise them that their PHI has been exposed due to a data incident at a financial services vendor. Rush discovered the incident on January 22, 2019. A member of staff of the financial services vendor was found to have shared a file containing patients’ PHI to an unauthorized third party in May 2018. The sort of information in the file varied from patient to patient...
Rutland Regional Medical Center Email Accounts Accessed by Hackers
Rutland City -based Rutland Regional Medical, the biggest community hospital in Vermont, has uncovered a hack of its IT systems where cybercriminals obtained access to the email accounts of nine employees and potentially viewed/obtained patients’ protected health information. The hack was discovered on December 21, 2018 when a staff member of the medical center saw that their email account had been used to transmit large quantities of...
UConn Health Phishing Attack Impacts 326K Patients
A UConn Health phishing attack in December has potentially allowed an unauthorized individual to gain access to the health information of hundreds of thousands of patients. The attack was detected on December 24, 2018, and all email accounts were secured to prevent further unauthorized access. It is unclear for how long the attacker had control of the accounts. The breach may have dated back months. During the time that accounts could...
Pawnee County Memorial Hospital Malware Attack Impacts 7,000 Patients
Pawnee County Memorial Hospital in Pawnee City, Nebraska, is contacting 7,038 clients that some of their protected health information has possibly been accessed by a cyber criminal. On November 29, 2018, the hospital were advised that malware had been downloaded which allowed an unauthorized person to obtain access to its email system. Malware was placed into the hospital’s email system when a staff member opened a malicious email...
Georgia Eye Associates Email Breach Impacts 24,000 Patients
EyeSouth Partners has revealed that a cyber criminal has obtained access to a staff member’s email account and may have viewed/obtained the electronic protected health information (ePHI) of up to 24,000 clients. EyeSouth Partners is a registered business associate of Georgia Eye Associates, South Georgia Eye Partners, Cobb Eye Center, and Georgia Ophthalmology Associates. EyeSouth Partners became aware, on October 25 last year,...
Minnesota Infertility Clinic Suffers Malware Attack
Malware has been downloaded to the network of Reproductive Medicine and Infertility Associates, an infertility clinic located in Woodbury, Minnesota. While no proof was found to imply any patient information was accessed or exfiltrated by the malware, the chance of a data breach taking place could not be eliminated. The malware attack was discovered by the infertility clinic on December 5, 2018 and an external computer forensics firm...
Roper St. Francis Healthcare Phishing Attack Sees 13 Accounts Compromised
A massive phishing campaign targeting Roper St. Francis Healthcare has seen attackers gain access to the email accounts of 13 staff members. The phishing attack was discovered on November 30, 2018 and actions were taken to block access to a corporate email account. The investigation into the breach showed further email accounts had been accessed. The affected accounts were logged onto by the hacker between November 15 and December 1,...
$935,000 Settlement Agreed Between Aetna and California AG in HIV Status Breach Case
Health insurance company Aetna has reach an agreement to to a HIPAA penalty of $935,000 to the California Attorney General in relation to alleged violations of state laws during a 2017 privacy breach that released state residents’ HIV status. On July 28, 2017, Aetna’s mailing supplier sent letters to plan subscribers who were receiving HIV medications or pre-exposure prophylaxis to stop them from contracting HIV. The letters included...
6,092 Patients of FABEN Obstetrics and Gynecology Alerted about Ransomware Attack
FABEN Obstetrics and Gynecology has been hit by a ransomware hacking attack on a server that stored patients’ protected health information (PHI). The ransomware was discovered on November 21, 2018 and lead to widespread file encryption. A review was initiated to determine the extent of the attack and whether any patients’ PHI was obtained or downloaded by the hackers. A review of the files stored on the server showed that files...
Email Account Breach Impacts Valley Hope Association Patients
Valley Hope Association has revealed that a hacker has been able to log onto the email account of a member of staff. The organisation discovered that an account breach may have taken place, on October 10 2018, when unusual account activity was noticed. Swift action was taken to stop account access continuing and a third-party computer forensics firm was retained to determine the nature and scope of the data breach. The investigation...
Around 1,000 Lebanon VA Medical Center Patients have their PHI Impermissibly Disclosed
It has been discovered the protected health information of hundreds of elderly patients of Lebanon VA Medical Center in Pennsylvania has been impermissibly disclosed to a family member of a veteran. The data breach, which took place in November 2018, involved a member of staff at Lebanon VA Medical Center emailed a document to a family member of a veteran who was seeking nursing home facilities. The list should have included nursing...
773 Million Email Addresses and 21 Million Unique Passwords Listed for Sale
A massive collection of login credentials that includes approximately 773 million email addresses has been uncovered by security researcher Troy Hunt. Hunt is an Australian Microsoft Regional Director and maintains the Have I Been Pwned (HIBP) website, where people can check to see whether their login credentials have been stolen in a data breach. Hunt discovered the 87GB database on a popular hacking forum. The data was spread across...
BenefitMall Phishing Attack Impacts 111,589 Plan Members
A recently discovered BenefitMall phishing attack has resulted in the exposure of 111,589 plan members’ protected health information. BenefitMall, a division of Centerstone Insurance and Financial Services, discovered on October 11, 2018, that hackers had gained access to several employee email accounts as a result of their responses to phishing emails. Third party computer forensics experts were called in to assist with the...