If a covered entity or business associate fails in complying with HIPAA rules, OCR is authorized to impose fines for HIPAA noncompliance – whether there’s no PHI breach or complaint. Following a great deal of […]
The gastroenterology healthcare provider based in Bradenton, FL called Florida Digestive Health Specialists (FDHS) has lately begun informing over 212,000 patients regarding the exposure of some of their protected health information (PHI) in a cyberattack […]
There is a 15.25% increase (compared to October) in the number of healthcare data breaches reported to the HHS’ Office for Civil Rights. November had 68 data breaches involving 500 and up records reported. For […]
A class-action lawsuit was filed versus San Juan Regional Medical Center in Farmington, New Mexico in relation to a reported data breach last June 2021. According to the breach investigation, there was an unauthorized individual […]
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued new guidance to discuss how the HIPAA Privacy Rule is applicable to disclosures of protected health information (PHI) to support applications […]
Eduro Healthcare in Salt Lake City, UT has advised 8,059 individuals regarding the potential exposure of their PHI. In March 2021, the healthcare company found suspicious activity in its network and took quick action to […]
Texas Ear, Nose & Throat Specialists P.A. (Texas ENT Specialists) recently suffered a cyberattack that was discovered on October 19, 2021. The moment the attack was identified, immediate action was done to avoid further access […]
The number of healthcare organizations affected by the latest ransomware attack on Kronos has been increasing in the past few days. 7 healthcare companies have now reported that they have been impacted by the attack. […]
The accountancy company Bansley and Kiener LLP based in Chicago, IL has announced that it encountered a ransomware attack in December 2020 that resulted in the encryption of certain files within its systems. The attack […]
On July 11, 2021, the Oregon Anesthesiology Group found out that it encountered a ransomware attack that resulted in the encryption of files on its systems and preventing access to its servers and patient data. […]
A maximum-severity vulnerability was discovered in Apache Log4j, which is an open-source logging library based in Java. It is utilized by a lot of organizations in their business programs and by numerous cloud solutions. The […]
A number of Hillrom Welch Allyn Cardio products had been found to have a high severity vulnerability that permits an attacker to access accounts without using a password. The vulnerability involves an authentication bypass problem […]
SonicWall has launched a new software program for its Secure Mobile Access (SMA) 100 series remote access appliances that correct 8 vulnerabilities which include 2 critical and 4 high-severity vulnerabilities. Threat actors are exploiting vulnerabilities […]
Three healthcare providers have lately announced security breaches affecting the email accounts of workers. The incidents potentially led to the compromise and possible theft of the protected health information (PHI) of over 40,000 people. Saltzer […]
The Health Information Sharing and Analysis Center (Health-ISAC) has released guidance for Chief Information Security Officers (CISOs) on adopting an identity-centric strategy to enable safe and quick access to patient information to satisfy the interoperability, […]
The Department of Health and Human Services made an announcement about its new website that provides guidance and resources to assist the medical care and public health industry to offset cybersecurity threats. The website was developed […]
Legal action was filed against Quest Diagnostics and ReproSource Fertility Diagnostics, its subsidiary, in the US District Court for the District of Massachusetts because of a ransomware attack in August 2021 that impacted 350,000 individuals. […]
Mental health clinic NorthCare based in Oklahoma City, OK encountered a ransomware attack in June 2021 that led to the exposure of the protected health information (PHI) of patients. NorthCare learned about the suspicious activity […]
The Cybersecurity and Infrastructure Security Agency (CISA) has issued new guidance for businesses to help them protect mobile devices and safely access company resources utilizing mobile gadgets. The Enterprise Mobility Management (EMM) system checklist was […]
Upstate Homecare, Consociate Health and Sarasota MRI, and have lately informed regulators and patients concerning security incidents relating to their personal data and protected health information (PHI). Upstate Homecare Informs 5,100 Patients Concerning Ransomware Attack […]
A former staff of Huntington Hospital located in New York is confronted with a criminal HIPAA violation case related to the unauthorized accessing of health records of 13,000 patients. The night shift hospital staff impermissibly […]
The Department of Health and Human Services’ Office for Civil Rights received 59 healthcare data breach reports involving 500 or higher records in October. The number of healthcare breaches in October is 25.5% higher than […]
The health insurance agency True Health New Mexico based in Albuquerque, NM began informing a number of health plan members regarding the exposure and possible theft of protected health information (PHI). True Health New Mexico […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have cautioned companies in the United States regarding the greater risk of cyberattacks during the Thanksgiving period. Cyber threat actors are […]
University Hospital Newark (NY) reported that a former hospital employee acquired the protected health information (PHI) of thousands of patients by accessing the records without authorized consent for a one-year period. That information was later […]
Orthopedic practice Lakeshore Bone & Joint Institute based in Indiana, has encountered a breach that affected its Microsoft Office 365 environment, including emails and file attachments that store the protected health information (PHI) of some […]
The protected health information (PHI) of 1,271,642 people was exposed and possibly stolen in two healthcare hacking incidents that were recently reported to the Department of Health and Human Services’ Office for Civil Rights. PHI […]
The New Jersey Attorney General has allowed a $130,000 settlement with two printing companies to resolve affirmed violations of the New Jersey Consumer Fraud Act (CFA) and Health Insurance Portability and Accountability Act (HIPAA) that […]
Southern Ohio Medical Center (SOMC) in Portsmouth, OH, is recouping from a cyberattack that happened on November 11, 2021. Because of the cyberattack, the hospital had to go on diversion and reroute ambulances to alternative […]
The HHS’ Health Sector Cybersecurity Coordination Center (HC3) has released a threat alert for the healthcare sector regarding cyber threat actors using the Cobalt Strike penetration testing tool. Cobalt Strike is a potent red team […]
8,412 Patients’ PHI Potentially Exposed Due to Surecare Specialty Pharmacy Ransomware Attack Surecare Specialty Pharmacy based in El Paso, TX has lately reported that it had suffered a sophisticated ransomware attack last August 16, 2021. […]
Two vulnerabilities with high severity scores were discovered in the Philips Tasy EMR that may result in the extraction of sensitive patient information from the database. An attacker can exploit the vulnerabilities remotely. There’s a […]
Seneca Family of Agencies located in California, a provider of education, juvenile justice, mental health, placement, and permanency services, discovered unauthorized activity in its computer systems on August 27, 2021. The action was promptly undertaken […]
Family of Woodstock (FOW), a New York provider of crisis intervention, information, prevention, and support services, has experienced a cyberattack that resulted in the potential compromise of the protected health information (PHI) of 8,214 people. […]
A federal judge has decided to favor the University of Mississippi Medical Center (UMMC) in a case of unauthorized access and data theft versus three ex-workers. UMMC filed a lawsuit against Dr. Spencer Sullivan as […]
Hallettsville, Texas’ critical access hospital Lavaca Medical Center, has begun informing 48,705 individuals regarding a security breach wherein their protected health information (PHI) was exposed. Lavaca Medical Center stated it detected abnormal activity in its […]
A new study has shown prevalent security problems at healthcare companies, which include bad access controls, few limitations on access to protected health information (PHI), and bad password practices, which put sensitive information in danger. […]
When a federal agency gives healthcare services, there may be situations in which workers must go through both HIPAA and Privacy Act training. Furthermore, as a growing number of states enact their own privacy regulations, […]
Syracuse ASC, doing business as Specialty Surgery Center of Central New York, has begun informing 24,891 patients regarding unauthorized individuals who got access to its computer network and potentially viewed some of their protected health […]
B. Braun has introduced software updates to resolve five vulnerabilities identified in Infusomat Space and Perfusor Space Infusion Pumps. An attacker with low-level skill can exploit the vulnerabilities remotely. In North America, the vulnerabilities have […]
Johnson Memorial Health has submitted a report concerning a ransomware attack that occurred on October 1, 2021, which resulted in files encryption of files that affected its IT systems. Emergency procedures were easily followed and […]
In September, there was a 23.7% more month-over-month reported cases of healthcare data breaches. The Department of Health and Human Services’ Office for Civil Rights received 47 data breach reports involving 500 and up records. […]
University Hospital Newark (NY) has found out that an ex-worker had accessed the protected health information(PHI) of many patients with no permission over the span of one year. That information was then shared with other […]
Professional Dental Alliance, an organization of dental practices associated with the North American Dental Group, informed its patients that an unauthorized person accessed some of their protected health information (PHI) kept in email accounts from […]
Around 27,500 people are being advised regarding the theft of some of their personal data when the American Osteopathic Association (AOA) encountered a cyberattack. AOA is a professional organization based in Chicago that represents approximately […]
Password managers for MSPs are used for securing the credentials of a business or client. Passwords are stored in a secure user vault. Every time a user goes to a website for which he/she has […]
Premier Patient Health Care based in Carrollton, TX has found out that an unauthorized individual had obtained the protected health information (PHI) of 37,636 patients in an insider data breach incident. Premier Patient Health Care […]
ReproSource Fertility Diagnostics based in Malborough, MA has encountered a ransomware attack that allowed hackers to get access to networks holding the protected health information (PHI) of roughly 350,000 patients. ReproSource is a top reproductive […]
A previous patient of Northwestern Memorial HealthCare (NMHC) filed a lawsuit against Elekta Inc. regarding its ransomware attack and security breach last April 2021. Many U.S. healthcare providers are business associates with Elekta, a Swedish […]
Eskenazi Health based in Indianapolis, IN reported a ransomware attack that was discovered on or approximately August 4, 2021. The IT team noticed suspicious activity and promptly de-activated systems to control the attack. Emergency procedures […]
Californian healthcare provider San Diego Health is facing multiple class-action lawsuits over a data breach impacting the protected health information (PHI) of 496,949 patients. San Diego Health discovered suspicious activity in the email accounts of […]
Entities governed by the Health Insurance Portability and Accountability Act (HIPAA) have to give their employees security awareness training, however, a new report indicates that training is missing at a lot of HIPAA-governed entities. KnowBe4, […]
Navistar Inc. based in Lisle, IL has sent more notification letters to persons impacted by a security breach that was discovered on May 20, 2021. The American truck maker straight away enforced its cybersecurity response […]
PHI of Up to 3,634 Individuals Exposed at Vista Radiology Ransomware Attack Vista Radiology located in Knoxville, TN has informed 3,634 patients regarding a ransomware attack encountered on July 11, 2021 which resulted in the […]
The Vice Society ransomware group states to have carried out a ransomware attack on United Health Centers of San Joaquin Valley, a healthcare provider in California. United Health Centers manages over 20 community health centers […]
Eastern Los Angeles Regional Center learned that an unauthorized person had accessed the email account of one of its employees. On July 15, 2021, the center noticed suspicious activity in the email account and performed […]
Family Medical Center of Michigan (FMC) located in Temperance, MI has advised 21,988 patients regarding a July 2020 ransomware attack that resulted in the potential compromise of their protected health information (PHI). FMC stated that […]
August 2021 had 44% less number of reported healthcare data breaches. Healthcare providers, health plans, and their business associates reported 38 healthcare data breaches involving 500 or more records. Including August’s reported data breaches, the […]
The Alaska Department of Health and Social Services (DHSS) is about to begin mailing notification letters to all people in the state to let them know about the potential compromise of their personal and health […]
Austin Cancer Centers is notifying 36,503 patients regarding the compromise of some of their protected health information (PHI) because of a security incident identified on August 4, 2021. Unauthorized people were learned to have acquired […]
California’s Department of State Hospitals – Coalinga (DSH-C) has informed 1,738 patients about the impermissible disclosure of some of their protected health information (PHI) by a DSH-C employee. The United States District Court, Eastern District […]
Creators of health applications and wearable devices like fitness trackers that get health information received a warning from the Federal Trade Commission (FTC) that they must abide by the FTC Health Breach Notification Rule and […]
The protected health information (PHI) of 116,898 patients of HealthReach Community Health Centers based in Waterville, MA was exposed and possibly compromised. HealthReach Community Health Centers manages 11 community health centers located in Western and […]
Two DuPage Medical Group patients are taking legal action against the healthcare provider right after a July 2021 ransomware attack through which patients’ protected health information (PHI) was compromised. DuPage Medical Group experienced the ransomware […]
On June 25, 2021, Mental health service provider Wedge Recovery Centers based in Philadelphia, Pennsylvania, found suspicious activity in its computer network that suggested unauthorized persons had accessed its systems. The provider immediately took steps […]
Denton County in Texas has identified a vulnerability in a third-party provider software utilized in association with the personal health information (PHI) of individuals that was possibly exploited by unauthorized people. The software was utilized […]
The Cybersecurity and Infrastructure Security Agency (CISA) has refreshed its listing of cybersecurity bad practices that should be eliminated. Cyber threat actors frequently carry out highly sophisticated attacks to obtain access to internal systems and […]
New research of breach reports sent to the Department of Health and Human Services’ Office for Civil Rights has shown that outpatient facilities and specialty clinics were attacked by cyber threat actors more often than […]
Atlanta Allergy & Asthma has begun sending notifications to 9,851 patients regarding a January 2021 cyberattack whereby their protected health information (PHI) was exposed and possibly breached. Atlanta Allergy & Asthma stated its investigation into […]
San Andreas Regional Center located in San Jose, CA has begun informing patients regarding the potential compromise of their PHI in a ransomware attack in July 2021. On July 5, its systems and servers were […]
Metro Infectious Disease Consultants is informing 171,740 patients concerning an email security incident uncovered on June 24, 2021. An unauthorized person had acquired access to some employees’ email accounts which included the protected health information […]
HIPAA-covered entities and their business associates are still reporting big numbers of healthcare data breaches. July had 70 reported data breaches involving at least 500 records, which means having 2 or more data breaches reported […]
South Florida Community Care Plan has learned that an ex-employee mailed to a personal email account the internal documents that contain the protected health information (PHI) of plan members. The breach was identified on June […]
St. Joseph’s/Candler (SJ/C) hospital system located in Savannah, GA had been attacked by ransomware on June 17, 2021 at approximately 4 a.m. After becoming aware of the suspicious activity in its system, SJ/C quickly worked […]
At the beginning of August, a hacker contacted Dissent of DataBreaches.net and professed to have acquired access to the systems of an HVAC vendor and the systems of its customers, such as Boston Children’s Hospital. […]
The personal information of 750,000 Hoosiers gathered together with a COVID-19 contact tracing survey performed by the Indiana Department of Health was exposed on the internet and downloaded by an organization not allowed to get […]
Ransomware attacks on hospitals can result in massive financial deficits, just like what the Ryuk ransomware attack did on Universal Health Services. UHS is one of the biggest healthcare companies in America and runs 26 […]
USA Waste-Management Resources, LLC has begun informing a number of employees, ex-employees, and dependents covered by its self-managed health plan regarding the potential compromise of some of their personal data and protected health information (PHI) […]
The email accounts of some employees of Children’s Hospital of The King’s Daughters (CHKD) based in Norfolk, VA were compromised in a phishing attack. CHKD stated in its August 10, 2021 breach notification that the […]
The Journal of the American Medical Informatics Association (JAMIA) published a recent study that sought to determine the connection of cybersecurity risk ratings to healthcare data breaches. The study was carried out utilizing hospital cybersecurity […]
NCH Corporation based in Irving, TX, a global marketer of maintenance products, submitted a report concerning an alleged ransomware attack. The company detected suspicious network activity inside its networks on March 5, 2021, that made […]
Ransomware attacks have gone up considerably in the last 12 months, nevertheless, phishing attacks still bring about problems for companies, based on a recent survey done by Arlington Research together with security company Egress. Nearly […]
Nine critical vulnerabilities were found in the Swisslog Healthcare Translogic Pneumatic Tube System (PTS) stations’ Nexus Control Panel, which are utilized in over 80% of big hospitals in the U.S.A. Pneumatic tube systems are employed […]
Kubernetes is a well-known open-source cloud tool for deploying and running containerized applications. Lately, there were a number of security breaches that allowed hackers to get access to badly secured Kubernetes accounts to steal sensitive […]
Harris County in Texas has uncovered that the personal and health information (PHI) of thousands of people were exposed on the internet. It is likely that unauthorized individuals may have accessed this data. Under Harris […]
The U.S. Department of Justice reported that a federal court in the Eastern District of Texas has sentenced a Texas lady to serve 30 months in federal prison for committing a conspiracy to acquire protected […]
Based on the newest report from ransomware incident response firm Coveware, there is a 38% decline in the average ransom payment made by victims of ransomware attacks between Q1 and Q2, 2021. Q2’s average ransom […]
2020 was notably bad for the healthcare sector considering the record numbers of reported data breaches. Ransomware was a big threat. Emsisoft identified 560 ransomware attacks on healthcare companies last 2020. According to Comparitech, the […]
The Cancer Center at Greenwood Leflore Hospital (CCGLH) in Mississippi informed its patients about the Elekta ransomware attack as a preventative measure to avert identity theft and fraud. Elekta notified CCGLH on May 17 regarding […]
The Nebraska Department of Health and Human Services has made an announcement about a security incident that involved the protected health information (PHI) of clients of Aging Partners, a department of the City of Lincoln. […]
Oklahoma Heart Hospital has begun informing a number of patients regarding a privacy incident wherein paperwork that contains some patient data was unintentionally contributed to charity. A former worker had written notes by hand that […]
For three successive months, there has been an increase in the number of reported healthcare data breaches involving at least 500 records. June had 70 data breaches involving at least 500 records reported to the […]
University Medical Center of Southern Nevada (UMC) has encountered a ransomware attack and had patient data stolen. The medical center said it identified suspicious activity within the hospital system in mid-June and had taken fast […]
Another three healthcare providers made an announcement that they were affected by the recent ransomware attack on Elekta Inc, the Swedish radiation therapy and radiosurgery solution provider. Elekta has a cloud-based mobile app known as […]
Sierra Nevada Primary Care Physicians based in California is notifying 1,717 patients regarding an incident that resulted in the stealing of selected protected health information (PHI), which includes names and credit card details. The District […]
The protected health information (PHI) of around 30,063 Florida Blue (Blue Shield of Florida and Blue Cross) members might have been seen or acquired during a brute force attack on the online member portal of […]
Like California and Virginia, Colorado has passed a comprehensive data privacy law to protect state locals. There were several amendments made before the Colorado Privacy Act went over the line. The state Senate finally passed […]
The pharmacy and supermarket company Kroger has offered to pay $5 million to settle lawsuits which the victims of a data breach filed because their personal data and protected health information (PHI) were exposed. Kroger […]
Coastal Family Health Center (CFHC), the fourth biggest community health center based in Mississippi, has begun informing patients regarding a May 13, 2021 cyberattack that compromised some of their protected health information (PHI). CFHC stated […]
According to a new NBC4 Investigates Report, a breach of the Ohio State University’s (OSU) pilot program that assists veterans to recuperate from Post Traumatic Stress Disorder (PTSD) and other psychological health problems led ot […]
CalHIPAA is a registered trademark. © Copyright 2003 to 2024 calHIPAA. All rights reserved.