DC Health Link Data Breach and Theft of PII of Lawmakers and Capitol Hill Staff A cyberattack on the medical insurance marketplace, DC Health Link, resulted in the theft of the personal data of lawmakers and staffers. DC Health Link provides services to about 100,000 individuals, which include 11,000 members and staffers of Congress. The … Read more
Four Californian Medical Groups Face Lawsuits for Data Breach Impacting 3.3 Million Individuals Four Californian medical groups were charged in a class action lawsuit alleging a failure to carry out acceptable and proper cybersecurity procedures, which results in a cyberattack and data breach affecting the personal data and protected health information (PHI) of 3,300,638 present … Read more
GoodRx to Pay FTC $1.5 Million to Resolve Violations of the FTC Act and Health Breach Notification Rule On behalf of the Federal Trade Commission (FTC), the Department of Justice filed a proposed order on February 1, 2023 forbidding GoodRx from giving the health data of its users to third parties for marketing uses. This … Read more
Advent Health Partners Offers $500,000 Settlement for Class Action Data Breach Lawsuit The health system, Advent Health Partners, based in Nashville, TN has offered to pay $500,000 to settle claims associated with a September 2021 data breach affecting the protected health information (PHI) of 61,072 patients. Advent Health Partners discovered the email account breach at … Read more
The last day for reporting healthcare data breaches of less than 500 records is upcoming. HIPAA-covered entities should make sure to report these data breaches to the HHS’ Office for Civil Rights (OCR) on or before March 1, 2023. Not reporting data breaches on time violates the HIPAA rule and may be penalized. Under the … Read more
300,000 Patients Affected by Highmark Health Phishing Attack Highmark Health based in Pittsburg, PA is the second biggest integrated delivery and financing system provider in America. Recently, it reported a phishing attack that affected one of its employee’s email accounts. After the employee clicked the URL in the phishing email and disclosed some credentials, an … Read more
Lutheran Social Services of Illinois located in Des Plaines, IL is one of the state’s biggest social services providers. It has reported the breach of its systems using ransomware for file encryption. The provider discovered the cyberattack on January 27, 2022, and took systems offline to control the ransomware attack. Third-party cybersecurity experts are investigating … Read more
More cybercriminals are utilizing legit remote monitoring and management (RMM) software in their attacks, as per a new joint notification from the National Security Agency (NSA), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Cybersecurity and Infrastructure Security Agency (CISA). The campaign was earliest discovered in October 2022 and consists of callback phishing. … Read more
The home help service provider known as Home Care Providers of Texas (HCPT) based in Dallas, TX recently reported that unauthorized persons acquired access to its system and encrypted files using ransomware. The company detected the security breach on June 29, 2022, when staff members could not access patient files. Top-rated third-party cybersecurity professionals investigated … Read more
The Hive ransomware-as-a-service (RaasS) operation has professed liability for an attack on Florida-based Consulate Health Care, a chain of 140 U.S. nursing homes. The group states it stole 550 GB of information during the attack and encrypted the files on December 3, 2022. On January 6, 2023, the leak site of the group published information … Read more