fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

8.8K
active users

#healthsec

0 posts0 participants0 posts today
Dissent Doe :cupofcoffee:<p>NEW: Qilin claims attack on Accu Reference Medical Laboratory. It wasn't the lab's first data breach:</p><p><a href="https://databreaches.net/2025/07/11/qilin-claims-attack-on-accu-reference-medical-laboratory-it-wasnt-the-labs-first-data-breach/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/11/qi</span><span class="invisible">lin-claims-attack-on-accu-reference-medical-laboratory-it-wasnt-the-labs-first-data-breach/</span></a></p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/notification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>notification</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>transparency</span></a></p>
Dissent Doe :cupofcoffee:<p>NEW: Avantic Medical Lab hacked; patient data leaked by Everest Group:</p><p><a href="https://databreaches.net/2025/07/09/avantic-medical-lab-hacked-patient-data-leaked-by-everest-group/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/09/av</span><span class="invisible">antic-medical-lab-hacked-patient-data-leaked-by-everest-group/</span></a></p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>extortion</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/ransom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransom</span></a></p>
Dissent Doe :cupofcoffee:<p>Integrated Oncology Network victim of phishing attack; multiple locations affected:</p><p><a href="https://databreaches.net/2025/07/08/integrated-oncology-network-victim-of-phishing-attack-multiple-locations-affected/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/08/in</span><span class="invisible">tegrated-oncology-network-victim-of-phishing-attack-multiple-locations-affected/</span></a></p><p>No group seems to have claimed responsibility as yet and ION makes no mention of any extortion demand.</p><p><a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a></p>
Dissent Doe :cupofcoffee:<p>HHS' Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan:</p><p><a href="https://databreaches.net/2025/07/08/hhs-office-for-civil-rights-settles-hipaa-privacy-and-security-rule-investigation-with-deer-oaks-behavioral-health-for-225k-and-a-corrective-action-plan/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/08/hh</span><span class="invisible">s-office-for-civil-rights-settles-hipaa-privacy-and-security-rule-investigation-with-deer-oaks-behavioral-health-for-225k-and-a-corrective-action-plan/</span></a></p><p>This was a ransomware attack in 2023 claimed by LockBit. Deer Oaks was already under investigation for a prior breach and HHS OCR expanded their case. </p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/LockBit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LockBit</span></a> <a href="https://infosec.exchange/tags/HHS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HHS</span></a> <a href="https://infosec.exchange/tags/OCR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OCR</span></a></p>
Dissent Doe :cupofcoffee:<p>Kentfield Hospital is a critical care hospital in California. They appear to have been the victim of a cyberattack by World Leaks, who claim to use an exfiltration-extortion model. </p><p>The hospital has not responded to an inquiry sent to it over the weekend, so they have neither confirmed nor denied any attack at this point, but I was able to preview the data tranche and reported on it all here: </p><p><a href="https://databreaches.net/2025/07/05/kentfield-hospital-victim-of-cyberattack-by-world-leaks-patient-data-involved/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/05/ke</span><span class="invisible">ntfield-hospital-victim-of-cyberattack-by-world-leaks-patient-data-involved/</span></a></p><p><a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHI</span></a> <a href="https://infosec.exchange/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>extortion</span></a></p>
Dissent Doe :cupofcoffee:<p>NEW: Kentfield Hospital victim of cyberattack by World Leaks, patient data involved: <a href="https://databreaches.net/2025/07/05/kentfield-hospital-victim-of-cyberattack-by-world-leaks-patient-data-involved/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/05/ke</span><span class="invisible">ntfield-hospital-victim-of-cyberattack-by-world-leaks-patient-data-involved/</span></a></p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHI</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>extortion</span></a> <a href="https://infosec.exchange/tags/ransom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransom</span></a> <br><a href="https://infosec.exchange/tags/WorldLeaks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WorldLeaks</span></a></p>
Dissent Doe :cupofcoffee:<p>Horizon Healthcare RCM is a business associate to numerous healthcare systems and entities.This past week, they disclosed that they were hit with a ransomware attack in December and that they paid to get the unnamed threat actor(s) to delete the stolen data. </p><p>So far, they have not disclosed any numbers and none of their affected clients (assuming,for now, that there <em>are</em> affected clients) have reported the incident to HHS or any regulators that I can spot. </p><p>This may or may not wind up being another big breach when we start finding out how many entities were affected and how many patients each. As always, going after third-party vendors is like "open sesame" for threat actors. </p><p><a href="https://databreaches.net/2025/06/29/horizon-healthcare-rcm-discloses-ransomware-attack-in-december/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/29/ho</span><span class="invisible">rizon-healthcare-rcm-discloses-ransomware-attack-in-december/</span></a></p><p><a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a></p>
Dissent Doe :cupofcoffee:<p>With great thanks to <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span> and <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> and others who assisted or tried to, including Rogers ISP and law enforcement in Canada, we can finally say:</p><p>Bolton Walk-In Clinic patient data leak locked down! </p><p>Read about this very frustrating effort to get exposed patient data locked down:</p><p><a href="https://databreaches.net/2025/06/30/bolton-walk-in-clinic-patient-data-leak-locked-down-finally/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/30/bo</span><span class="invisible">lton-walk-in-clinic-patient-data-leak-locked-down-finally/</span></a></p><p><a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/PHIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHIPA</span></a> <a href="https://infosec.exchange/tags/HIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPA</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a></p>
Dissent Doe :cupofcoffee:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> For the life of me, I cannot understand why this got kicked over to the anti-rackets branch, but thank you for what you managed to accomplish. </p><p>I will post an update to this leak on my blog sometime this week, but in the interim:</p><p>Any patients of the Bolton Walk-In Clinic should consider filing a complaint with the provincial Privacy Commission and requesting an investigation into the clinic's failure to comply with medical privacy laws such as PHIPA. IMO, the IPC should also be asked to require the clinic to notify every patient whose unencrypted information was exposed. </p><p>Additional details about earlier efforts by <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> and I to get this leak secured can be found in my post at <a href="https://databreaches.net/2024/12/03/bolton-walk-in-clinic-in-ontario-lock-down-your-backup-already/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2024/12/03/bo</span><span class="invisible">lton-walk-in-clinic-in-ontario-lock-down-your-backup-already/</span></a></p><p><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/PHIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHIPA</span></a> <a href="https://infosec.exchange/tags/Ontario" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ontario</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a></p>
Dissent Doe :cupofcoffee:<p>Two more victims of the Cerner/Oracle Health legacy data breach have disclosed this month:</p><p>Tallahassee Memorial Hospital <br><a href="https://www.tallahassee.com/story/money/2025/06/18/letter-tmh-data-breach-traced-to-past-data-migration-by-vendor/84252923007/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">tallahassee.com/story/money/20</span><span class="invisible">25/06/18/letter-tmh-data-breach-traced-to-past-data-migration-by-vendor/84252923007/</span></a></p><p>and </p><p>Mosaic Life Care<br><a href="https://www.mymlc.com/Main/About-Mosaic-Life-Care/Media-and-Public-Relations/notice-of-oracle-healthcerner-data-security-incident/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">mymlc.com/Main/About-Mosaic-Li</span><span class="invisible">fe-Care/Media-and-Public-Relations/notice-of-oracle-healthcerner-data-security-incident/</span></a></p><p>Union Health had disclosed in April: <br><a href="https://www.union.health/news/noticeoforaclehealthcernerdatasecurityincident" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">union.health/news/noticeoforac</span><span class="invisible">lehealthcernerdatasecurityincident</span></a></p><p>There are likely more disclosures to come.</p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a> <a href="https://infosec.exchange/tags/legacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>legacy</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> </p><p><span class="h-card" translate="no"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>campuscodi</span></a></span></p>
Dissent Doe :cupofcoffee:<p>NEW: Horizon Healthcare RCM discloses ransomware attack in December:</p><p><a href="https://databreaches.net/2025/06/29/horizon-healthcare-rcm-discloses-ransomware-attack-in-december/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/29/ho</span><span class="invisible">rizon-healthcare-rcm-discloses-ransomware-attack-in-december/</span></a></p><p>The attack did encrypt files and it seems that Horizon paid to get data deleted. </p><p>There is much we don't know yet, including how many patients total were affected, and which of their clients had affected patients. </p><p>See the post for more information. </p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a> </p><p><span class="h-card" translate="no"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>campuscodi</span></a></span></p>
Dissent Doe :cupofcoffee:<p>CMS warns Medicare providers of fraud scheme: <a href="https://www.cms.gov/training-education/medicare-learning-network/newsletter/2025-06-26-mlnc#_Toc201664984" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cms.gov/training-education/med</span><span class="invisible">icare-learning-network/newsletter/2025-06-26-mlnc#_Toc201664984</span></a></p><p>Scammers are impersonating the Centers for Medicare &amp; Medicaid Services and sending phishing fax requests for medical records and documentation, falsely claiming to be part of a Medicare audit.</p><p>I can see how medical records personnel or third-party records compliance vendors could be duped into providing records. </p><p>I wonder how seriously entities are taking this. Are they really warning all personnel who process medical records requests? I hope so. </p><p><a href="https://infosec.exchange/tags/CMS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CMS</span></a> <a href="https://infosec.exchange/tags/Medicare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Medicare</span></a> <a href="https://infosec.exchange/tags/MedRec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MedRec</span></a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
Dissent Doe :cupofcoffee:<p>NEW: Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024:</p><p><a href="https://databreaches.net/2025/06/28/texas-centers-for-infectious-disease-associates-notifies-individuals-of-data-breach-in-2024/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/28/te</span><span class="invisible">xas-centers-for-infectious-disease-associates-notifies-individuals-of-data-breach-in-2024/</span></a></p><p><a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/thirdparty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thirdparty</span></a> <a href="https://infosec.exchange/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a> <a href="https://infosec.exchange/tags/BianLian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BianLian</span></a></p>
Dissent Doe :cupofcoffee:<p>NEW: Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected:</p><p><a href="https://databreaches.net/2025/06/27/northern-light-health-patients-affected-by-security-incident-at-compumedics-10-healthcare-entities-affected/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/27/no</span><span class="invisible">rthern-light-health-patients-affected-by-security-incident-at-compumedics-10-healthcare-entities-affected/</span></a></p><p><a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a> <a href="https://infosec.exchange/tags/thirdparty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thirdparty</span></a> <a href="https://infosec.exchange/tags/vendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vendor</span></a> <a href="https://infosec.exchange/tags/Compumedics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Compumedics</span></a></p>
Dissent Doe :cupofcoffee:<p>Update to the Covenant Health cyberattack in May that affected a few hospitals in Maine and New Hampshire:</p><p>Qilin has added Covenant to its leak site. The 8 screengabs they provide as POC all related to employee/personnel info. </p><p>They do not make any specific claims about amount of data or whether patient data was also acquired. </p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a></p>
Dissent Doe :cupofcoffee:<p>McLaren provides written notice to 743,131 patients after ransomware attack in July 2024:</p><p><a href="https://databreaches.net/2025/06/22/mclaren-provides-written-notice-to-743131-patients-after-ransomware-attack-in-july-2024/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/22/mc</span><span class="invisible">laren-provides-written-notice-to-743131-patients-after-ransomware-attack-in-july-2024/</span></a></p><p><a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>extortion</span></a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>transparency</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> </p><p>This was their second ransomware attack in a year. Personal injury lawyers are already recruiting plaintiffs. </p><p><span class="h-card" translate="no"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>campuscodi</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@amvinfe" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>amvinfe</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span></p>
Dissent Doe :cupofcoffee:<p>"The minister disclosed that hackers encrypted the NHIS and demanded payment, assuring MPs 'the hackers won’t damage the information on the NHIS. ' "</p><p>That's from the Tonga Ministry of Health commenting on encryption of its national health information system and ransom demand.</p><p><a href="https://talanoaotonga.to/health-ministrys-information-system-hit-by-ransomware-attack/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">talanoaotonga.to/health-minist</span><span class="invisible">rys-information-system-hit-by-ransomware-attack/</span></a></p><p>There is no explanation of how she knows that the (unnamed) hackers won't damage the information on the system. </p><p>The system is currently offline so I can't even email the ministry to ask. </p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/Tonga" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tonga</span></a></p>
Dissent Doe :cupofcoffee:<p>Alleged Geisinger hacker will defend himself pro se.</p><p>What's that old adage about someone defending themself instead of using a lawyer? That they have a fool for a client? </p><p>I've uploaded two of his filings -- the motion to defend pro se, which was granted, and now an emergency motion to be temporarily released from prison because... well, he gives some reasons. You'll see. </p><p><a href="https://databreaches.net/2025/06/18/alleged-geisinger-hacker-will-defend-himself-pro-se/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/18/al</span><span class="invisible">leged-geisinger-hacker-will-defend-himself-pro-se/</span></a></p><p>And fwiw, Nuance never responded to my inquiries at the time of his arrest asking about what kind of background check they had done because his history revealed a number of past run-ins with the law. </p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/insiderthreat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>insiderthreat</span></a> <a href="https://infosec.exchange/tags/idtheft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>idtheft</span></a> <a href="https://infosec.exchange/tags/fraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fraud</span></a></p>
Dissent Doe :cupofcoffee:<p>Tallahassee Memorial Healthcare reveals it was impacted by Cerner/Legacy Oracle cyberattack:</p><p><a href="https://www.wtxl.com/news/local-news/tmh-releases-information-regarding-a-cybersecurity-event-that-happened-in-january" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wtxl.com/news/local-news/tmh-r</span><span class="invisible">eleases-information-regarding-a-cybersecurity-event-that-happened-in-january</span></a></p><p>In April, Union Health System in Indiana notified HHS that almost 263,000 of its patients had been affected by the incident. </p><p>So far, these are the only two reports I've found related to the incident. But I am betting there are a lot more we don't yet know about. </p><p>I haven't found any threat actor or group claiming responsibility for the attack or leaking any data from it. </p><p><a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/riskassessment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>riskassessment</span></a></p>
Dissent Doe :cupofcoffee:<p>IMPACT: 170 patients harmed as a result of Qilin’s ransomware attack on NHS vendor Synnovis:</p><p><a href="https://www.gazetteandherald.co.uk/news/national/25248263.170-patients-harmed-result-cyber-attack/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">gazetteandherald.co.uk/news/na</span><span class="invisible">tional/25248263.170-patients-harmed-result-cyber-attack/</span></a></p><p>This updates numbers reported in January. HSJ article is behind paywall though.</p><p><a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/harm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>harm</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> </p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span></p>