Data Breaches Encountered by PracticeMax and UMass Memorial Health
Health plan members of Anthem who have End-Stage Kidney Disease and are registered in the VillageHealth program were informed regarding the possible exposure of some…
Read More
Fight the Phish! this Cybersecurity Awareness Month
Around 54,000 Patients Affected by Ransomware Attack at OSF HealthCare
20% of Healthcare Providers Report Higher Patient Mortality Following a Ransomware Attack
Healthcare Companies Face Legal and Technological Difficulties Reaching CCPA Compliance
Jackson Health Looks into Social Media HIPAA Violation That Involve a Nurse
Increased Risk of Ransomware Attacks over Labor Day Weekend According to FBI & CISA
12,000 Patients Impacted by Revere Health Phishing Attack
PHI of 47,000 People Potentially Affected in Electromed Inc. Data Breach
Email Account Breaches Reported by A2Z Diagnostics and Vision for Hope
A2Z Diagnostics, a specialist diagnostic testing laboratory in New Jersey, has begun alerting patients about the inclusion of some of their protected health information (PHI)…
PHI Likely Exposed in Eye Center and Law Company Ransomware Attacks
Francisco J. Pabalan MD of Pabalan Eye Center based in Riverside, CA has said a ransomware attack has impacted approximately 50,000 patients. The center found…
Overlake Hospital Medical Center Offers Settlement to Take Care of the Data Breach Case
Overlake Hospital Medical Center in Bellevue, WA has offered a settlement to take care of a class-action lawsuit it is facing. Victims of a breach…
Email Security Breaches Reported by MultiPlan and Hawaii Independent Physicians Association
The medical payment billing service company MultiPlan had reported a breach of its email system. On January 27, 2021, suspicious activity was discovered in the…
Man From Texas Sentenced to 48 Months Imprisonment for Crime Concerning Theft of Electronic Health Records
A man from Texas was sentenced to 48 months imprisonment right after pleading guilty to one count of conspiracy to acquire data from a protected…
Dominion National Offers $2 Million as Settlement for Class Action Lawsuit
Dominion National in Virginia, an insurance provider, a health plan manager, and a dental and vision benefits manager, has consented to resolve a class-action lawsuit…
Information Breaches at San Juan Regional Medical Center, Springfield Psychological And Coastal Medical Group
San Juan Regional Medical Center has lately informed thousands of its patients regarding a security breach that took place in the fall of 2020. The…
Federal Judge Dismissed Houston Hospital Employees’ Lawsuit over Vaccine Mandate
Many U.S. employers have put in place a policy that calls for their workers to be vaccinated against COVID-19, which includes a number of big…
Vulnerabilities Discovered in Hillrom Medical Device Management Tools
Hillrom medical device management tools had been discovered to have two medium severity vulnerabilities that could cause the leakage of sensitive information, corruption of information,…
Critical Vulnerabilities Discovered in MesaLabs Lab Temperature Monitoring System
Stephen Yackey of Securifera discovered five vulnerabilities in the AmegaView continuous monitoring system of MesaLabs, which is employed in hospital labs, forensics laboratories, and biotech…
Michigan Guy Pleads Guilty to Stealing And Selling of PII of UPMC Staff
A Michigan male has confessed to hacking into the human resource data storage of the University of Pittsburgh Medical Center from 2013 to 2014 and…
Data Breaches at Woodholme Gastroenterology Associates and SEIU 775 Benefits Group in Washington and an Identity Theft Case
SEIU 775 Benefits Group in Washington has informed around 140,000 of its members regarding the exposure of some of their protected health information (PHI). Around…
Pennsylvania Department of Health and Insight Global Sued over 72,000-Record Data Breach
The Pennsylvania Department of Health along with its COVID-19 contact tracing vendor are being sued due to a breach of the personal and health information…
Lawmakers Want the Breach of the Contact Tracing Information of 72,000 Pennsylvanians Reviewed
Lawmakers in the Commonwealth of Pennsylvania are asking for a data breach to be investigated. The incident pertains to the contact tracing information of 72,000…
Guidelines for Network Defenders to Discover and Prevent Russian Cyber Operations
A joint cybersecurity notice was given by the Federal Bureau of Investigation (FBI), the Department of Homeland Security (DHS), and the Cybersecurity and Infrastructure Security…
Data Breaches at Total Health Care Inc and Harrington Physician Services
Total Health Care Inc., a health plan based in Detroit, MI, found out that unauthorized people have acquired access to a number of staff email…
Implementation of the HHS Information Blocking and Interoperability Regulations
The new information blocking and interoperability rules created by the Department of Health and Human Services included in the 21st Century Cures Act became effective…
Email Security Breaches at Orthopaedics Practice, Administrative Advantage, and Parkland Health and Hospital System
The Centers for Advanced Orthopaedics located in Maryland, Washington DC, and Virginia found out that unauthorized persons got access to the email accounts of several…
PHI Exposed Due to Ransomware Attacks on the University of Miami Health and Mott Community College
A ransomware attack on Accellion, a file transfer service company, permitted unauthorized individuals to access the protected health information (PHI) of University of Miami Health…
Class Action Lawsuit Filed Against UPMC and Charles Hilton and Associates
University of Pittsburgh Medical Center (UPMC) and the Charles Hilton and Associates law company are confronting a class action lawsuit due to a breach of…
NY Nurse Pleads Guilty to Consumer Product Tampering in HIPAA Case
A former nurse at Roswell Park Comprehensive Cancer Center admitted to a crime of tampering with a consumer item in a case that involves fraudulence…
FTC Urged to Implement Breach Notification Rule Whenever Fertility Tracking Apps Share User Information With no Authorization
On March 4, 2021, Senator Robert Menendez (D-New Jersey), and Reps. Mikie Sherrill (D-New Jersey) and Bonnie Watson Coleman (D-New Jersey) authored a letter recommending…
Microsoft Launches Patches for Four Actively Exploited Vulnerabilities in Microsoft Exchange Server
Microsoft has introduced out-of-band security changes to deal with the four zero-day Microsoft Exchange Server vulnerabilities which a Chinese Advanced Persistent Threat (APT) group identified…
Facts About Healthcare Industry Cyber Threats and the Supply Chain Helping Criminal Activity
All through the pandemic, cybercriminals took advantage of new opportunities and have been attacking hospitals, medical clinics, and other companies and organizations on the front…
Impermissible Disclosure of the PHI at Campbell County Health and UT Southwestern Medical Center
A Campbell County Health (CCH) employee made an email error that resulted in the impermissible disclosure of the protected health information (PHI) of 900 people….
Hospital Researcher Jailed for Stealing and Selling Research Data to China
A female who was employed in a medical research laboratory at the Nationwide Children’s Hospital in Columbus, OH was sent to jail for theft of…
Global Law Enforcement Action Interferes with NetWalker Ransomware Activities
The U.S. Department of Justice (DOJ) issued an announcement about the seizure of a dark web website utilized by the NetWalker ransomware gang in connection…
Rady Children’s Hospital Confronted With Class Action Lawsuit as a Result of the Blackbaud Ransomware Attack
In May 2020, the cloud software corporation Blackbaud encountered a ransomware attack. As is typical in human-operated ransomware attacks, the attackers exfiltrated files before file…
M.D. Anderson Cancer Center’s $4.3 Million HIPAA Penalty Revoked on Appeal
The U.S. Court of Appeals for the Fifth Circuit has reversed the $4,348,000 HIPAA violation charges enforced by the Department of Health and Human Services’…
HITECH Act Amendment To Provide Cybersecurity Safe Harbor Signed into Law
On January 5, 2020, President Trump signed a bill (HR 7898) that makes changes to the Health Information Technology for Economic and Clinical Health Act…
Hidden Backdoor Found in 100,000 Zyxel Products
A vulnerability was found in Zyxel devices such as firewalls, VPN gateways, and access point (AP) controllers that hackers may take advantage of to get…
CISA Introduces Website About the SolarWinds Supply Chain Compromise and Free Tool to Detect Malicious Activity
The DHS’ Cybersecurity and infrastructure Security Agency has published a website with resources concerning the recent activities of the advanced persistent threat (APT) group liable…
19th HIPAA Penalty of 2020 Issued by OCR
The Department of Health and Human Services’ Office for Civil Rights (OCR) has arrived at a settlement deal with Peter Wrobel, M.D., P.C., dba Elite…
Seasonal Staff Sentenced to 42-Months In Jail for Theft of Information from Healthcare.Gov Database
A seasonal staff at a tech firm in Virginia got sentenced to 42 months imprisonment for accessing patient files, theft of personally identifiable information (PII),…
Rave Mobile Safety Introduces COVID-19 Vaccine Distribution Solution
Rave Mobile Safety has introduced a COVID-19 Vaccine Distribution Solution that will make it possible for public health agencies to determine who should receive priority…
University of Minnesota Physicians and McLeod Health Encounters Email Account Breaches
University of Minnesota Physicians lately encountered a phishing attack that made it possible for unauthorized persons to get access to two employees’ email accounts. One…
Phishing Incidents Reported by Connecticut Department of Social Services, Mercy Iowa City, and LSU Care Services
Connecticut Department of Social Services (DSS) sent a notification about a potential breach of the protected health information (PHI) of 37,000 persons due to several…
ASPR Gives Update on Ransomware Activities in the Healthcare Sector
The HHS’ Office of the Assistant Secretary for Preparedness and Response (ASPR) has released a recent advisory on ransomware activity that targets the healthcare and…
PHI Incidents at Northwest Eye Surgeons and Sight Partners, DJO, LLC and Lawrence General Hospital
Server Breach Impacts Patients of Northwest Eye Surgeons and Sight Partners Northwest Eye Surgeons LLC and Sight Partners LLC began informing 20,838 patients regarding the…
Failure of New Haven, CT to Remove Past Employee’s Access Rights Led to $202,000 HIPAA Fine
The City of New Haven, Connecticut has made the decision to resolve its HIPAA violation case with the Department of Health and Human Services’ Office…
FDA Okays Tool for Determining Medical Device Vulnerability Scores
MITRE Corporation created a new rubric for determining Common Vulnerability Scoring System (CVSS) scores of medical device vulnerabilities and it has passed the FDA’s scrutiny….