Dissent Doe :cupofcoffee: · @PogoWasRight
1321 followers · 156 posts · Server infosec.exchange

Jelly Bean Communications Design and its Manager Settle False Claims Act Liability for Cybersecurity Failures on Florida Medicaid Enrollment Website

DOJ Press Release:
justice.gov/opa/pr/jelly-bean-

Settlement Agreement:
justice.gov/opa/press-release/

Why don't we see anything about what Jelly Bean has to do going forward with respect to security? It would have been nice to see that in the settlement terms.


#infosec #cybersecurity #databreach #businessassociate #hipaa #medicaid #falseclaimsact #dataprotection #patch

Last updated 2 years ago

Dissent Doe :cupofcoffee: · @PogoWasRight
1312 followers · 138 posts · Server infosec.exchange

@lawrenceabrams @BleepingComputer

I had just sent inquiries to Aliva Health and Medminder this afternoon asking them if they would confirm or deny that they were victims of the Fortra/GoAnywhere attack. So far, there's nothing on their sites or on HHS's public breach tool, but I suspect it's only a matter of time until we see them added there.

#gmta #hipaa #hitech #databreach #healthsec #businessassociate #vendor #clop #ransomware #dataprotection

Last updated 2 years ago

Dissent Doe :cupofcoffee: · @PogoWasRight
1304 followers · 147 posts · Server infosec.exchange

A third-party breach that impacted Northwest Mothers Milk Bank in Oregon has also affected Rogers Hixon Ontario Human Milk Bank in Canada. The breach was in December at Timeless Medical Systems.

Timeless informed milk bank clients that "some files were acquired from the TMS network by an unknown third party, after which TMS took steps to mitigate the potential impact of the incident, recovered the files, and informed affected parties."

The data involved included a lot of data protected under HIPAA in the U.S. and PHIPA in Canada:

"milk donor applicant and infant names, date of birth, address, phone number, milk donor application contents (including self-reported information, medical health validation, blood screening results and/or required health and lifestyle updates), health care provider name, and lab generated patient ID, to the extent you or a family member provided the foregoing information in dealing with NWMMB as a donor"

Timeless does not explain how they recovered the files. They do not mention ransomware, and they do not indicate whether any ransom was either demanded or paid.

Notification from Northwest Mothers Milk Bank: agportal-s3bucket.s3.amazonaws

Media coverage of Rogers Hixon Ontario Human Milk Bank: cbc.ca/news/canada/toronto/hum

#databreach #dataprotection #businessassociate #infosec #cybersecurity #incidentresponse #healthsec

Last updated 2 years ago

Dissent Doe :cupofcoffee: · @PogoWasRight
1300 followers · 121 posts · Server infosec.exchange

Sentara Health notifying 741 patients after mistake by Coronis Health employee: databreaches.net/sentara-healt

Good example of the value of having a compliance hotline or data security reporting number displayed on your website.

#databreach #dataprotection #infosec #responsibledisclosure #healthsec #businessassociate

Last updated 2 years ago

Dissent Doe :cupofcoffee: · @PogoWasRight
1244 followers · 124 posts · Server infosec.exchange

Medical records for 4,158 Garrison Women's Health patients were corrupted and unrecoverable after an incident involving its IT vendor, Global Network Systems.

GWH's substitute notice doesn't say this was a ransomware attack, but data was made unavailable and found to be corrupted/unrecoverable. I've sent an inquiry to the vendor to try to get more details.

databreaches.net/medical-recor

#databreach #dataprotection #infosec #healthsec #hipaa #backup #recovery #businessassociate

Last updated 2 years ago

Dissent Doe :cupofcoffee: · @PogoWasRight
1239 followers · 167 posts · Server infosec.exchange

The Center for Autism and Related Disorders notifies patients after vendor's error caused HIPAA breach: databreaches.net/the-center-fo

I have a question about part of their incident response, though. See what you think.

#databreach #dataprotection #infosec #healthsec #vendor #businessassociate #hipaa #incidentresponse

Last updated 2 years ago

Dissent Doe :cupofcoffee: · @PogoWasRight
1216 followers · 141 posts · Server infosec.exchange

Diligent Corp. had to send more notifications after learning, the hard way, that a May 2022 hacking incident was even bigger than they had discovered: data that they hadn't thought had been accessed had been accessed and exfiltrated, and was now appearing on the internet.

databreaches.net/bigger-than-t


@campuscodi @allan @brett @gossi @zackwhittaker @lawrenceabrams

#databreach #dataprotection #hipaa #incidentresponse #infosec #cybersecurity #forensics #phi #businessassociate #saas #transparency

Last updated 2 years ago

So it's not clear what happened that led to NextGen's listing being removed from BlackCat's leak site, but now it's back with the same info and proof screencaps as before.

#blackcat #ALPHV #ransomware #nextgen #databreach #dataprotection #infosec #cybersecurity #businessassociate

Last updated 2 years ago

Dissent Doe :cupofcoffee: · @PogoWasRight
1090 followers · 102 posts · Server infosec.exchange

Some sites that have reported on the Captify/Your Patient Advisor state that the entity is a under .

They are in error.

Captify/Your Patient Advisor is a business associate in other activities and contexts, but this was a purchase of a colonoscopy prep kit in an online store. Although payment card information was breached, there was no protected health information involved in this incident.

So they do not need to report this incident, which impacted 244,296 consumers, to HHS, but I'm betting they have a big headache because they were alerted to fraudulent card use in March 2021, the malware was injected in May 2019, and they didn't conclude their investigation until October 2022.

#databreach #businessassociate #hipaa #pcidss #dataprotection #creditcard #paymentportal #malware

Last updated 2 years ago

Dissent Doe :cupofcoffee: · @PogoWasRight
1053 followers · 125 posts · Server infosec.exchange

As if CommonSpirit didn't have enough stress dealing with recovery from a attack, in September they discovered that a business associate had made data extraction errors. When they contacted the BA to get corrections, the BA stopped responding to them and there were signs that the business had folded -- still holding hundreds of thousands of patients' records.

CommonSpirit got a court injunction for the BA to return all PHI or provide certificates of destruction.

I am not sure whether this problem had anything at all to do with the recovery from the attack -- could be totally unrelated, but what a stress. I've reached out to CommonSpirit to ask if this was unrelated or related.

databreaches.net/commonspirit-

#ransomware #hipaa #businessassociate #baa #dataprotection #injunction

Last updated 2 years ago

The Centers for Medicare and Medicaid Services (CMS) has issued a press release after a subcontractor was hit with a ransomware attack.

The attack at Healthcare Management Solutions LLC has the potential to impact PII, PHI, and banking information of 254,000 people.

CMS is actually issuing those affected new Medicare cards and new Medicare numbers.

You can read their full press release here: cms.gov/newsroom/press-release

CMS states that preliminary info indicates that the subcontractor violated their obligations to CMS, but they don't explain why they say that or what HMS supposedly did or didn't do that violated their obligations. I've reached out to CMS with some questions and hopefully we'll know more tomorrow.

#ransomware #databreach #medicare #cms #infosec #cybersecurity #incidentresponse #hipaa #businessassociate #pii #phi #vendor

Last updated 2 years ago