For more than a month, two separate employee accounts were compromised by the cyberattacks before the IT department discovered the hack. The first email compromise began on June 28, the second on July 9, but officials said the IT department did not discover the hack until August. The subsequent investigation could not determine whether the
A researcher discovered the North Carolina-based tech vendor is leaking protected patient data through its Amazon S3 bucket twice in a month. Security researcher Britton White contacted DataBreaches.net that MedCall, a workers compensation and healthcare solutions vendor, left a storage bucket containing 10,000 files exposed to the internet, available for download and or deletion or
Warning: Attackers behind the recently revealed Facebook mega-breach may still be able to access victims’ accounts at some third-party web services and mobile apps, and Facebook has offered no timeline for when a full lockdown might occur – although there are no signs of third-party account takeovers.
As seen with Nuance and the Allscripts lawsuit, when a breach or cyber incident occurs like ransomware or network outage an organization can face serious ramifications for failing to be transparent about what happened.
Because business associates have been culprits in heath data breaches impacting millions of individuals, healthcare entities need to be diligent in taking steps to reduce the persistent risks these vendors pose, says privacy and security expert Susan Lucci.”Business associates should be viewed as an extension of your workforce,” says Lucci of the consultancy tw-Security.”In other
“Attackers exploited a vulnerability in Facebook’s code that impacted ‘View As,’ a feature that lets people see what their own profile looks like to someone else,” Facebook says in a statement posted Friday. “This allowed them to steal Facebook access tokens, which they could then use to take over people’s accounts. Access tokens are the
Recent additions to the federal health data breach tally shine a light on the mistakes that contribute to breaches – and in some cases, make situations far worse. Breaches added to the Department of Health and Human Services’ HIPAA Breach Reporting Tool website – commonly called the “wall of shame” – in recent weeks range
An employee uploaded a file containing member information to a public-facing website in April, but officials did not discover the error until July. Philadelphia-based Independence Blue Cross is notifying 16,762 patients — about 1 percent of its members — that their data was exposed online for a number of months, due to an employee uploading
Premera Blue Cross is being accused of destroying a key piece of evidence in the class-action lawsuit against the health insurer over a health data breach that compromised PHI on 11 million people.
A newly released report on the Equifax breach from the U.S. Government Accountability Office, titled “Data Protection: Actions Taken by Equifax and Federal Agencies in Response to the 2017 Breach,” provides new details into how the breach occurred and what Equifax could have done to have helped prevent or more rapidly mitigate it, centering on