Articles by Site Editor

In December 2021, there were 56 data breaches involving 500 and up healthcare records reported to the HHS’ Office for Civil Rights (OCR), which showed a 17.64% drop compared to the past month. In 2021, […]

Jefferson Surgical Clinic based in Roanoke, VA has started alerting patients concerning the potential compromise of some of their protected health information (PHI) due to a cyberattack that was uncovered on June 5, 2021. Based […]

The tech firm Accellion in Palo Alto, CA made a proposal for an $8.1 million settlement to take care of a class action data breach suit that was filed on behalf of affected individuals of […]

The digital pharmacy and health app developer Ravkoo based in Auburndale, FL has started sending notification letters to a number of patients regarding an unauthorized individual who viewed and potentially stole some of their sensitive […]

The Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Cybersecurity and Infrastructure Security Agency (CISA) have given a joint alert to caution about the danger of Russian cyberattacks on critical infrastructures, […]

In 2019, it was scary to have over 1 healthcare data breach report daily. In 2021, certain months had over two healthcare data breaches per day. With data breaches occurring so often and ransomware attacks […]

Anthem Inc. has notified 2,003 members that an unauthorized individual potentially viewed or obtained some of their protected health information (PHI) after gaining access to the network of one of its business associates. Anthem works […]

Fertility Centers of Illinois (FCI) has lately advised 79,943 present and past patients concerning unauthorized persons that may have accessed or acquired some of their protected health information (PHI). FCI found suspicious system activity last […]

The Rhode Island Public Transit Authority (RIPTA) has just informed the Department of Health and Human Services’ Office for Civil Rights regarding a data breach that affected the protected health information (PHI) of 5,015 individuals […]

Some of the major healthcare data breaches of 2021 are the worst in history. This post summarizes the major data breaches reported in 2021. The Department of Health and Human Services’ Office for Civil Rights’ […]

Saltzer Health based in Nampa, Idaho has begun informing a number of patients regarding the exposure of their protected health information (PHI) due to an email account breach, which was discovered on June 1, 2021. […]

The gastroenterology healthcare provider based in Bradenton, FL called Florida Digestive Health Specialists (FDHS) has lately begun informing over 212,000 patients regarding the exposure of some of their protected health information (PHI) in a cyberattack […]

There is a 15.25% increase (compared to October) in the number of healthcare data breaches reported to the HHS’ Office for Civil Rights. November had 68 data breaches involving 500 and up records reported. For […]

The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued new guidance to discuss how the HIPAA Privacy Rule is applicable to disclosures of protected health information (PHI) to support applications […]

Eduro Healthcare in Salt Lake City, UT has advised 8,059 individuals regarding the potential exposure of their PHI. In March 2021, the healthcare company found suspicious activity in its network and took quick action to […]

Texas Ear, Nose & Throat Specialists P.A. (Texas ENT Specialists) recently suffered a cyberattack that was discovered on October 19, 2021. The moment the attack was identified, immediate action was done to avoid further access […]

The number of healthcare organizations affected by the latest ransomware attack on Kronos has been increasing in the past few days. 7 healthcare companies have now reported that they have been impacted by the attack. […]

The accountancy company Bansley and Kiener LLP based in Chicago, IL has announced that it encountered a ransomware attack in December 2020 that resulted in the encryption of certain files within its systems. The attack […]

On July 11, 2021, the Oregon Anesthesiology Group found out that it encountered a ransomware attack that resulted in the encryption of files on its systems and preventing access to its servers and patient data. […]

A maximum-severity vulnerability was discovered in Apache Log4j, which is an open-source logging library based in Java. It is utilized by a lot of organizations in their business programs and by numerous cloud solutions. The […]

A number of Hillrom Welch Allyn Cardio products had been found to have a high severity vulnerability that permits an attacker to access accounts without using a password. The vulnerability involves an authentication bypass problem […]

SonicWall has launched a new software program for its Secure Mobile Access (SMA) 100 series remote access appliances that correct 8 vulnerabilities which include 2 critical and 4 high-severity vulnerabilities. Threat actors are exploiting vulnerabilities […]

Three healthcare providers have lately announced security breaches affecting the email accounts of workers. The incidents potentially led to the compromise and possible theft of the protected health information (PHI) of over 40,000 people. Saltzer […]

The Department of Health and Human Services made an announcement about its new website that provides guidance and resources to assist the medical care and public health industry to offset cybersecurity threats. The website was developed […]

Mental health clinic NorthCare based in Oklahoma City, OK encountered a ransomware attack in June 2021 that led to the exposure of the protected health information (PHI) of patients. NorthCare learned about the suspicious activity […]

The Cybersecurity and Infrastructure Security Agency (CISA) has issued new guidance for businesses to help them protect mobile devices and safely access company resources utilizing mobile gadgets. The Enterprise Mobility Management (EMM) system checklist was […]

Upstate Homecare, Consociate Health and Sarasota MRI, and have lately informed regulators and patients concerning security incidents relating to their personal data and protected health information (PHI). Upstate Homecare Informs 5,100 Patients Concerning Ransomware Attack […]

The Department of Health and Human Services’ Office for Civil Rights received 59 healthcare data breach reports involving 500 or higher records in October. The number of healthcare breaches in October is 25.5% higher than […]

The health insurance agency True Health New Mexico based in Albuquerque, NM began informing a number of health plan members regarding the exposure and possible theft of protected health information (PHI). True Health New Mexico […]

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have cautioned companies in the United States regarding the greater risk of cyberattacks during the Thanksgiving period. Cyber threat actors are […]

University Hospital Newark (NY) reported that a former hospital employee acquired the protected health information (PHI) of thousands of patients by accessing the records without authorized consent for a one-year period. That information was later […]

Orthopedic practice Lakeshore Bone & Joint Institute based in Indiana, has encountered a breach that affected its Microsoft Office 365 environment, including emails and file attachments that store the protected health information (PHI) of some […]

The protected health information (PHI) of 1,271,642 people was exposed and possibly stolen in two healthcare hacking incidents that were recently reported to the Department of Health and Human Services’ Office for Civil Rights. PHI […]

Southern Ohio Medical Center (SOMC) in Portsmouth, OH, is recouping from a cyberattack that happened on November 11, 2021. Because of the cyberattack, the hospital had to go on diversion and reroute ambulances to alternative […]

The HHS’ Health Sector Cybersecurity Coordination Center (HC3) has released a threat alert for the healthcare sector regarding cyber threat actors using the Cobalt Strike penetration testing tool. Cobalt Strike is a potent red team […]

Compliancy Group has certified that the healthcare technology startup Wasfago based in Dubai has an efficient HIPAA compliance program in place and has satisfied the necessary requirements of the Health Insurance Portability and Accountability Act […]

8,412 Patients’ PHI Potentially Exposed Due to Surecare Specialty Pharmacy Ransomware Attack Surecare Specialty Pharmacy based in El Paso, TX has lately reported that it had suffered a sophisticated ransomware attack last August 16, 2021. […]

Two vulnerabilities with high severity scores were discovered in the Philips Tasy EMR that may result in the extraction of sensitive patient information from the database. An attacker can exploit the vulnerabilities remotely. There’s a […]

Seneca Family of Agencies located in California, a provider of education, juvenile justice, mental health, placement, and permanency services, discovered unauthorized activity in its computer systems on August 27, 2021. The action was promptly undertaken […]

Family of Woodstock (FOW), a New York provider of crisis intervention, information, prevention, and support services, has experienced a cyberattack that resulted in the potential compromise of the protected health information (PHI) of 8,214 people. […]

Hallettsville, Texas’  critical access hospital Lavaca Medical Center, has begun informing 48,705 individuals regarding a security breach wherein their protected health information (PHI) was exposed. Lavaca Medical Center stated it detected abnormal activity in its […]

When a federal agency gives healthcare services, there may be situations in which workers must go through both HIPAA and Privacy Act training. Furthermore, as a growing number of states enact their own privacy regulations, […]

Syracuse ASC, doing business as Specialty Surgery Center of Central New York, has begun informing 24,891 patients regarding unauthorized individuals who got access to its computer network and potentially viewed some of their protected health […]

B. Braun has introduced software updates to resolve five vulnerabilities identified in Infusomat Space and Perfusor Space Infusion Pumps. An attacker with low-level skill can exploit the vulnerabilities remotely. In North America, the vulnerabilities have […]

Johnson Memorial Health has submitted a report concerning a ransomware attack that occurred on October 1, 2021, which resulted in files encryption of files that affected its IT systems. Emergency procedures were easily followed and […]

In September, there was a 23.7% more month-over-month reported cases of healthcare data breaches. The Department of Health and Human Services’ Office for Civil Rights received 47 data breach reports involving 500 and up records. […]

University Hospital Newark (NY) has found out that an ex-worker had accessed the protected health information(PHI) of many patients with no permission over the span of one year. That information was then shared with other […]

Professional Dental Alliance, an organization of dental practices associated with the North American Dental Group, informed its patients that an unauthorized person accessed some of their protected health information (PHI) kept in email accounts from […]

Around 27,500 people are being advised regarding the theft of some of their personal data when the American Osteopathic Association (AOA) encountered a cyberattack. AOA is a professional organization based in Chicago that represents approximately […]

Password managers for MSPs are used for securing the credentials of a business or client. Passwords are stored in a secure user vault. Every time a user goes to a website for which he/she has […]

Premier Patient Health Care based in Carrollton, TX has found out that an unauthorized individual had obtained the protected health information (PHI) of 37,636 patients in an insider data breach incident. Premier Patient Health Care […]

ReproSource Fertility Diagnostics based in Malborough, MA has encountered a ransomware attack that allowed hackers to get access to networks holding the protected health information (PHI) of roughly 350,000 patients. ReproSource is a top reproductive […]

Eskenazi Health based in Indianapolis, IN reported a ransomware attack that was discovered on or approximately August 4, 2021. The IT team noticed suspicious activity and promptly de-activated systems to control the attack. Emergency procedures […]

Entities governed by the Health Insurance Portability and Accountability Act (HIPAA) have to give their employees security awareness training, however, a new report indicates that training is missing at a lot of HIPAA-governed entities. KnowBe4, […]

KLAS just released its 2021 Clinical Communication Platform Report, which pointed out the contribution of clinical communication platforms in boosting efficiency in healthcare, improved communication throughout many areas of hospitals, and the resulting tangible outcomes, […]

Navistar Inc. based in Lisle, IL has sent more notification letters to persons impacted by a security breach that was discovered on May 20, 2021. The American truck maker straight away enforced its cybersecurity response […]

PHI of Up to 3,634 Individuals Exposed at Vista Radiology Ransomware Attack Vista Radiology located in Knoxville, TN has informed 3,634 patients regarding a ransomware attack encountered on July 11, 2021 which resulted in the […]

The Vice Society ransomware group states to have carried out a ransomware attack on United Health Centers of San Joaquin Valley, a healthcare provider in California. United Health Centers manages over 20 community health centers […]

Eastern Los Angeles Regional Center learned that an unauthorized person had accessed the email account of one of its employees. On July 15, 2021, the center noticed suspicious activity in the email account and performed […]

Family Medical Center of Michigan (FMC) located in Temperance, MI has advised 21,988 patients regarding a July 2020 ransomware attack that resulted in the potential compromise of their protected health information (PHI). FMC stated that […]

August 2021 had 44% less number of reported healthcare data breaches. Healthcare providers, health plans, and their business associates reported 38 healthcare data breaches involving 500 or more records. Including August’s reported data breaches, the […]

The Alaska Department of Health and Social Services (DHSS) is about to begin mailing notification letters to all people in the state to let them know about the potential compromise of their personal and health […]

Austin Cancer Centers is notifying 36,503 patients regarding the compromise of some of their protected health information (PHI) because of a security incident identified on August 4, 2021. Unauthorized people were learned to have acquired […]

California’s Department of State Hospitals – Coalinga (DSH-C) has informed 1,738 patients about the impermissible disclosure of some of their protected health information (PHI) by a DSH-C employee. The United States District Court, Eastern District […]

Creators of health applications and wearable devices like fitness trackers that get health information received a warning from the Federal Trade Commission (FTC) that they must abide by the FTC Health Breach Notification Rule and […]

The protected health information (PHI) of 116,898 patients of HealthReach Community Health Centers based in Waterville, MA was exposed and possibly compromised. HealthReach Community Health Centers manages 11 community health centers located in Western and […]

On June 25, 2021, Mental health service provider Wedge Recovery Centers based in Philadelphia, Pennsylvania, found suspicious activity in its computer network that suggested unauthorized persons had accessed its systems. The provider immediately took steps […]

Denton County in Texas has identified a vulnerability in a third-party provider software utilized in association with the personal health information (PHI) of individuals that was possibly exploited by unauthorized people. The software was utilized […]

The Cybersecurity and Infrastructure Security Agency (CISA) has refreshed its listing of cybersecurity bad practices that should be eliminated. Cyber threat actors frequently carry out highly sophisticated attacks to obtain access to internal systems and […]

New research of breach reports sent to the Department of Health and Human Services’ Office for Civil Rights has shown that outpatient facilities and specialty clinics were attacked by cyber threat actors more often than […]

Atlanta Allergy & Asthma has begun sending notifications to 9,851 patients regarding a January 2021 cyberattack whereby their protected health information (PHI) was exposed and possibly breached. Atlanta Allergy & Asthma stated its investigation into […]

San Andreas Regional Center located in San Jose, CA has begun informing patients regarding the potential compromise of their PHI in a ransomware attack in July 2021. On July 5, its systems and servers were […]

Metro Infectious Disease Consultants is informing 171,740 patients concerning an email security incident uncovered on June 24, 2021. An unauthorized person had acquired access to some employees’ email accounts which included the protected health information […]

HIPAA-covered entities and their business associates are still reporting big numbers of healthcare data breaches. July had 70 reported data breaches involving at least 500 records, which means having 2 or more data breaches reported […]

St. Joseph’s/Candler (SJ/C) hospital system located in Savannah, GA had been attacked by ransomware on June 17, 2021 at approximately 4 a.m. After becoming aware of the suspicious activity in its system, SJ/C quickly worked […]

At the beginning of August, a hacker contacted Dissent of DataBreaches.net and professed to have acquired access to the systems of an HVAC vendor and the systems of its customers, such as Boston Children’s Hospital. […]

The personal information of 750,000 Hoosiers gathered together with a COVID-19 contact tracing survey performed by the Indiana Department of Health was exposed on the internet and downloaded by an organization not allowed to get […]

Ransomware attacks on hospitals can result in massive financial deficits, just like what the Ryuk ransomware attack did on Universal Health Services. UHS is one of the biggest healthcare companies in America and runs 26 […]

USA Waste-Management Resources, LLC has begun informing a number of employees, ex-employees, and dependents covered by its self-managed health plan regarding the potential compromise of some of their personal data and protected health information (PHI) […]

The email accounts of some employees of Children’s Hospital of The King’s Daughters (CHKD) based in Norfolk, VA were compromised in a phishing attack. CHKD stated in its August 10, 2021 breach notification that the […]

The Journal of the American Medical Informatics Association (JAMIA) published a recent study that sought to determine the connection of cybersecurity risk ratings to healthcare data breaches. The study was carried out utilizing hospital cybersecurity […]

NCH Corporation based in Irving, TX, a global marketer of maintenance products, submitted a report concerning an alleged ransomware attack. The company detected suspicious network activity inside its networks on March 5, 2021, that made […]

Ransomware attacks have gone up considerably in the last 12 months, nevertheless, phishing attacks still bring about problems for companies, based on a recent survey done by Arlington Research together with security company Egress. Nearly […]

Nine critical vulnerabilities were found in the Swisslog Healthcare Translogic Pneumatic Tube System (PTS) stations’ Nexus Control Panel, which are utilized in over 80% of big hospitals in the U.S.A. Pneumatic tube systems are employed […]

Kubernetes is a well-known open-source cloud tool for deploying and running containerized applications. Lately, there were a number of security breaches that allowed hackers to get access to badly secured Kubernetes accounts to steal sensitive […]

Curogram, a texting and telemedicine platform provider, has exhibited its dedication to comply with the Health Insurance Portability and Accountability Act (HIPAA) Regulations. Compliancy Group has confirmed Curogram to have executed an efficient HIPAA compliance […]

Harris County in Texas has uncovered that the personal and health information (PHI) of thousands of people were exposed on the internet. It is likely that unauthorized individuals may have accessed this data. Under Harris […]