Collaborate Disseminate
In November 2021, the Northeast Rehabilitation Hospital Network in New Hampshire notified HHS of a breach. At the time, they indicated 501 patients had been affected, which is usually just a marker for “we know it’s more than 500, but we do… Continue reading NH: Northeast Rehabilitation Hospital Network updates their 2021 breach notification
On August 23, DESORDEN alerted DataBreaches to another one of their attacks. This one involved the PT JASAMARGA TOLLROAD OPERATOR, Indonesia’s largest major tollway and highway operator. According to DESORDEN’s statement: This data breach i… Continue reading Major Indonesia tollroad operator hacked by DESORDEN
On July 15, DataBreaches reported that Baton Rouge General Medical Center in Louisiana had been the victim of a significant ransomware attack. Our report attributed the attack to Hive although Hive was publicly denying responsibility at the time and cl… Continue reading Hive starts dumping patient and employee data from Baton Rouge General Health System
Yesterday, Chum1ng0 spotted a forum listing that affects a regional office in the Illinois k-12 education system. DataBreaches reached out to that regional office by email yesterday morning to alert them. Emails were sent to multiple people, including … Continue reading Today’s reminder to read email alerts and acknowledge them…
A DataBreaches opinion piece. You might think a giant insurer like Anthem, which has experienced at least several breaches over the years — including one of the most significant breaches ever — would understand the importance of transparenc… Continue reading Transparency #FAIL: Why won’t Anthem/Elevance Health answer a simple question about breaches?
On August 12, Onyx Technology of Maryland began notifying regulators and others about a ransomware attack they experienced. According to their notification to the Montana Attorney General’s Office on behalf of Independent Care Health Plan (iCare… Continue reading MD: Onyx Technology alerts clients and patients of ransomware incident
The California Department of Corrections and Rehabilitation (CDCR) issued a breach notification this week. Because the notification mentions COVID-19 testing, at first, DataBreaches thought it was the incident CDCR had disclosed last month, but no, it … Continue reading California Department of Corrections and Rehabilitation notifies staff, visitors, and incarcerated individuals of breach
First LockBit claimed that they had successfully attacked security firm Entrust and would be leaking their files if their demands (financial) were not met. Bleeping Computer broke the story in June and then updated it. Then some person or persons decid… Continue reading Always at risk of DDoS, LockBit finds itself under greater attack after announcing Entrust attack
In February 2020, Overlake Medical Center and Clinics in Washington State reported a phishing incident in December 2019. More than 109,200 patients were reportedly affected. HHS investigated the incident and wrote a closing note in the file: Overlake … Continue reading How many breaches has Overlake Medical Center & Clinics experienced in the past few years?
In June, many of us first became aware that Facebook was receiving sensitive medical information from hospital websites. Of 33 hospital websites that The Markup tested, 10 of them had trackers (“Meta Pixels”) which sent information to Faceb… Continue reading From the “What Could Possibly Go Wrong Department” after it went wrong, Monday edition