URMC Pays $3 Million HIPAA Penalty for Failure to Encrypt Mobile Devices
The University of Rochester Medical Center (URMC) paid OCR $3 million as HIPAA penalty for failing to implement encryption on mobile gadgets and for other…
Phishing Attacks Compromise PHI of 56,000 Presbyterian Health Plan Members
A series of phishing attacks have compromised the protected health information of 56,000 members of Presbyterian Health Plan. The phishing attacks did not directly target…
Former Employee at Little Rock Plastic Surgery Illegally Accessed Patient Information
Little Rock Plastic Surgery (LRPS) is in the process of notifying patients of a data security incident which saw a former employee illegally access the…
Fedcap Rehabilitation Notifying 2,200 Individuals of Data Breach
Fedcap Rehabilitation is in the process of notifying 2,200 individuals of a data security incident which may have seen their confidential information compromised. New York-based…
Limited HIPAA Waiver in Areas Affected by Hurricane Dorian
The Secretary of the Department of Health and Human Services (HHS), has declared a public health emergency in Puerto Rico and the states of Florida,…
IRS Phishing Scam Used to Spread Keylogging Malware
Taxpayers and business have been warned of a new IRS phishing scam being used to spread keylogging malware. The hackers design the emails to appear…
Malware Found in Android PDF App CamScanner
Users of the Android app CamScanner have been advised to uninstall the app after a recent version was found to harbour malware. Security researchers at…
Ransomware Attack at Hospice of San Joaquin, CA
The Hospice of San Joaquin in Stockton, California, is in the process of notifying patients that their protected health information may have been compromised in…
Grays Harbor Community Hospital in Washington Ransomware Attack Affects 88,000 Patients
Grays Harbor Community Hospital in Washington is notifying 88,399 patients that their confidential health information may have been compromised in a ransomware attack. The hospital…
HHS Issues Limited Waiver of HIPAA Sanctions and Penalties in Louisiana
The US Department of Health and Human Services has issued a limited waiver of HIPAA sanctions and penalties in Louisiana following Tropical Storm Barry making…
Northwood Notifying Patients of Data Breach Following Phishing Attack
Northwood Inc. is notifying individuals that their private information may have been comprised in a data breach following a phishing attack. Northwood Inc., based in…
Phishing Campaign Spreads Trickbot Trojan Through Fake Office 365 Website
A fake Office 365 phishing website is being used by hackers to distribute the Trickbot Trojan. The website is a convincing mimic of the legitimate…
Vitagene Breach Exposes Data of 3,000 Customers Online
Vitagene is in the process of investigating a data breach which has resulted in sensitive information of 3,000 customers from being exposed online. Vitagene, based…
Medical Center Enterprise Pays $300,000 to Alabama Woman for Privacy Rights Violation
Medical Center Enterprise, Alabama, has been ordered to pay a woman $300,000 in damages for violating her privacy rights. Amy Pertuit’s patient rights were violated…
THH Nurse Investigated for Impermissible File Access
A former nurse at Takai, Hoover & Hsu has is under investigation for impermissibly accessing of the protected health information (PHI) of 16,542 patients. The…
June 2019 Patch Tuesday: Mircosoft Fixes 88 Vulnerabilities
Microsoft has issued patches for 88 vulnerabilities this patch Tuesday. Of the vulnerabilities, 20 were rated critical. One servicing stack and 4 advisories were also…
AMCA Breach Compromises 12 Million Quest Diagnostics Records
A breach at the American Medical Collection Agency (AMCA) has compromised the records of nearly 12 million Quest Diagnostics patients. AMCA, a billing collections company…
Sexual Assault Victim Sues Hospital for Allegedly Disclosing PHI to her Attacker
A sexual assault victim has filed a lawsuit against a Kansas hospital for disclosing her private health information to her attacker. The then proceeded to…
Fourth Phishing Attack Hits St Vincent Medical Center
St. Vincent Medical Center is once again notifying patients of a data breach after experience a fourth phishing attack since December 2018. On March 26,…
Southeastern Council on Alcoholism and Drug Dependence Notifies Patients Following Ransomware Attack
The Southeastern Council on Alcoholism and Drug Dependence is notifying 25,000 patients that their PHI has been compromised in a ransomware attack. SCADD, based in…
Researchers Find Mail Clients Vulnerable to Digital Signature Spoofing Attacks
Cybersecurity researchers have identified vulnerabilities in mail clients that could be exploited by hackers in digital signature spoofing attacks. Digital signatures are widely used to…
MD Anderson Cancer Centre Fires Scientists Over Espionage Allegations
MD Anderson Cancer Centre has fired three scientists over allegations of espionage. The National Institutes of Health (NiH) contacted MD Anderson Cancer Centre, a world-leading…
Phishing Attack on Baystate Health Affects 12,000 Patients
Baystate Health has notified 12,000 patients a phishing attack on their facility compromised their PHI. Baystate Health, based in Massachusetts, discovered that an unauthorised individual…
FBI’s Internet Crime Complaint Centre Report Shows Increase in Financial Losses Due to Cybercrime
The FBI’s Internet Crime Complaint Centre (IC3) has released a report indicating that financial losses due to cybercrime rose drastically in 2018. The 2018 Internet…
Riverside Counselling Notifies Patients of Malware Attack
Riverplace Counselling Centre is notifying 11,639 patients of a data security incident following the discovery of malware on its systems. Riverplace Counselling Center in Anoka,…
Michigan Attorney General Responds to Wolverine Solutions Ransomware Attack
Michigan Attorney General Dana Nessel has issued a statement about a recent ransomware attack on the Wolverine Solutions Group, which may have affected up to…
TitanHQ Updates SpamTitan Email Security Solution
TitanHQ has released an update of its SpamTitan email security solution. TitanHQ, which specialises in providing email security solutions to SMBs and MSPs, has added…
Data Breach at PCEMS Affects 20,000 Patients
Pasquotank-Camden Emergency Medical Services (PCEMS) has contacted more than 20,000 patients that their data may have been compromised during a data breach. Hackers exploited a…
Breach at Third-Party Vendor Results in Exposure of Emerson Hospital Patient Data
A breach at a third-party vendor has resulted in 6,314 patients records from Emerson Hospital in Concord, MA being exposed. The breach occurred between May…
Deadline For Small Data Breach Reports Approaches
All HIPAA covered entities (CEs) should be aware that the deadline for reporting data breaches that occurred in 2018 of fewer than 500 records is…
Menlo Security Discovers New Emotet Trojan Campaign Tactic
Researchers at Menlo Security have announced the discovery of a new campaign tactic used by hackers to distribute the Emotet Trojan malware. Menlo Security’s researchers…
Microsoft February Patch Tuesday
Microsoft and Adobe have issued patches for 150 vulnerabilities this February 2019 Patch Tuesday. These updates included patches for 43 critical Adobe flaws and 20…
VFEmail Suffers Debilitating Cyber Attack
VFEmail has announced that it has suffered a debilitating cyber attack which saw nearly all of their data compromised. VFEmail, an email provider, issued a…
Blue Cross Blue Shield Business Associate Falls Victim to Ransomware Attack
A business associate of Blue Cross Blue Shield has announced that it was the victim of a ransomware attack. The breach was reported by Wolverine…
Phishing Attack at Family Physicians Group Orlando Compromises Patient’s PHI
A phishing attack at Family Physicians Group, Orlando, has resulted in 8,400 patients having their protected health information (PHI) compromised. The breach was identified on…
Phishing Campaign Uses Custom Web Font to Avoid Detection
A new phishing threat has been revealed in which the hacker has created a custom web font on their phishing website which renders the malicious…
Email Error Results in PHI of Veterans Accidentally Sent to Unauthorised Individual
A data security incident at Lebanon VA Medical Center has resulted in the protected health information (PHI) up to a thousand patients being accidentally sent…
Mimecast Security Awareness Training in Business Report Released
Mimecast has recently released the results of a survey on employee security awareness training in businesses. The results show that in many organisations, employees are…
Email Error Results in Data Breach at Prairie Fields Family Medicine
Prairie Fields Family Medicine has announced that an email error has resulted in the protected health information (PHI) of nearly 6,500 patients being compromised. Prairie…
Baylor Scott & White Medical Center Experiences Data Security Incident
Baylor Scott & White Medical Center, a Texan medical centre based in Frisco, has announced that due to a data security incident, the payment information…
Microsoft December Patch Tuesday Overview
Microsoft has issued patches for 39 vulnerabilities this December 2018 Patch Tuesday. Of the vulnerabilities, 10 were rated critical, 9 of which were in Microsoft…
Dharma Ransomware Attack on Altus Baytown Hospital
Altus Baytown Hospital in Baytown, TX, has announced that it was recently a victim of a ransomware attack, with their servers being infected with the…
Bankers Life Data Breach Affects 500,000 Customers
Bankers Life, a health insurance organisation which is part of the CNO Financial Group Inc., has experienced a data breach which has affected more than…
Protenus Publishes Breach Barometer Report for Q3 2018
Protenus, a healthier security organisation, has released its quarterly Breach Barometer Report for Q3 2018. The report is designed to give an insight into the…
Laptop Theft at Raley’s Pharmacy Threatens PHI of 10,000 Patients
Raley’s Pharmacy, associated with the family-owned Raley’s supermarket chain, has announced that up to 10,000 patients may have had their protected health information (PHI) compromised…
FBI Issues Alert About Internet Crime Complaint Center Phishing Cheats
February 9, 2018 The FBI has spent the past few months investigating reports of Internet Crime Complaint Center phishing scams. IC3 has been impersonated in…
Cofense Statement Discloses Latest Malware Distribution and Attack Trends
March 26, 2018 The 2018 Malware Review from security awareness and anti-phishing solution provider Cofense (Formerly PhishMe) looks at malware trends over the past 12…
KnowBe4 Issues Warning About Bogus Active Shooter Phishing Emails
April 23, 2018 The recent shootings at schools in the United States have shocked the nation, with educational institutions now on high alert for any…
Vega Stealer Malware Gathering Identifications from Web Browsers
May 17, 2018 A new variant of August Stealer – named Vega Stealer – is being distributed in small phishing campaigns targeting marketing, advertising, and…
Mnubot Banking Trojan Utilized Attacks on Brazilian Companies
A new banking Trojan – MnuBot – has been detected by IBM X-Force researchers which uses an unusual method of communication. Instead of using a…