Circles of Care in Florida sued over a data breach involving confidential and sensitive information:
They were attacked in September by AlphV, aka BlackCat, who added the incident to their leak site on October 6. Still, they did not disclose until January 3, and even then, their disclosure omits telling patients about it involving ransom and a leak site, etc.
The lack of transparency in notifications continues to be appalling.
#DataBreach #HIPAA #HITECH #notification #disclosure #PHI #PII #ProtectedHealthInformation #transparency #ransomware #extortion #exfiltration #HealthSec #cybersecurity
#databreach #hipaa #hitech #notification #disclosure #phi #pii #protectedhealthinformation #transparency #ransomware #extortion #exfiltration #healthsec #cybersecurity
San Gorgonio Memorial Hospital back online after #malware attack led to 6-day shutdown of #EHR as they investigated.
The word "ransomware" has not been used (yet?), and no mention of any #ransom demand.
#infosec #cybersecurity #cyberattack #ProtectedHealthInformation
#malware #ehr #ransom #infosec #cybersecurity #cyberattack #protectedhealthinformation
In its newest media release sent to journalists/press, #Medibank does something I don't think I've ever seen done before: They have gone through all the data leaked so far by the threat actors, analyzed it, and described it in detail for journalists. By what they have done and how they are doing it, they are doing a terrific job of correcting misimpressions created by the labels used by the threat actors. I am glad to see Medibank address the misnomers such as "abortions" and "naughty" and other inaccurate labels or claims in other leaks by the same group.
Medibank asks journalists not to download needlessly, and by providing analyses and detailed information, they reduce the need for journalists to download data. Hopefully, they also reduce the likelihood that reporters will repeat the threat actors' inaccurate claims.
#Ransomware #Extortion #ProtectedHealthInformation #PersonallyIdentifiable Information #pii #phi #journalism #ethics
#Medibank #ransomware #extortion #protectedhealthinformation #personallyidentifiable #pii #phi #journalism #ethics