Collaborate Disseminate
Marco A. De Felice reports: The American Renal Associates (now known as Innovative Renal Care), with over 230 locations across the United States, has become the latest victim in the clinical-hospital sector of a ransomware attack. Recently, the Medusa … Continue reading American Renal Associates patients affected by ransomware attack
Naomi Diaz reports: The American Hospital Association sent a letter to the HHS urging them to clarify whether hospitals and health systems should be providing breach notification to patients if protected health information is compromised due to the Feb… Continue reading AHA seeks guidance on reporting breaches linked to Change cyberattack
There is an update to a data leak incident discovered and reported by independent researcher Jelle Ursem and DataBreaches.net in April 2021. Top Class Actions reports that Med-Data, a business associate that handles health insurance claims data, has a… Continue reading Med-Data data leak $7M class action settlement
Attorney General Todd Rokita is filing a lawsuit on behalf of the people of Indiana against Apria Healthcare LLC for a massive data breach that impacted at least 42,000 Hoosiers and 1.8 million people nationwide. Apria is a provider of home healthcare … Continue reading Indiana Attorney General Files Suit Against Apria Healthcare
March 5. The U.S. Department of Health and Human Services (HHS) is aware that Change Healthcare – a unit of UnitedHealth Group (UHG) – was impacted by a cybersecurity incident in late February. HHS recognizes the impact this attack has had on health ca… Continue reading HHS Statement Regarding the Cyberattack on Change Healthcare
In 2018, a criminal hacker known as “Lifelock” reached out to DataBreaches to share details about two healthcare entities that had not met his ransom demands. These entities were a dental practice in Menlo Park, California, and the Holland Eye Surgery … Continue reading Update: Robert A. Purbeck, aka “Lifelock, to plead guilty in Atlanta
Developing: Someone claiming to be an “affiliate plus” for AlphV claims they were responsible for the Change Healthcare attack but that AlphV stole the payment Change Healthcare had made and suspended the affiliate’s account. The aff… Continue reading Developing: AlphV allegedly scammed Change Healthcare and its own affiliate
Three recent data breach disclosures involving patient data all exceeded HIPAA’s 60-day deadline to notify HHS and individuals. Yakima Valley Radiology A breach involving the Washington state radiology service was added to Karakurt’s leak s… Continue reading Three recent breach disclosures remind of us how seldom timely breach notification is enforced under HITECH
YLE News, STT report: Some patients from the Vastaamo psychotherapy centre had died by suicide after their patient records were stolen and used in extorition attempts, according to a lawyer representing victims. Legal arguments in the trial of Aleksant… Continue reading Vastaamo victims’ lawyer: Some took their own lives after patient record leak
Zack Whittaker reports that the ongoing cyberattack at Change Healthcare has been confirmed as a ransomware attack, with executives of the firm linking it to AlphV (BlackCat). Reuters was the first to report the claimed attribution to BlackCat, but un… Continue reading Yes, Change Healthcare breach was us — BlackCat