#HealthSec

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2026-02-08

When I rule the world, new ransomware/extortion gangs will have to take a number and wait until an existing one retires or gets arrested (preferably the latter).

Anyone have any info on the group calling itself "Insomnia?"

#databreach #healthsec #cybersecurity

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2026-01-15

I recently asked #HHS #OCR how any personnel and regional cuts would affect their investigation of breaches of the #HIPAA #SecurityRule and #Notification Rule.

They didn't exactly answer my question as to how many investigators have been laid off, but they did outline their priorities for 2026.

You can read their response to my inquiries in my new post at:

databreaches.net/2026/01/15/hh

#databreach #healthsec #cybersecurity #ransomware #hacking #risk

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2026-01-12

New Zealand's high court seems to be handing out injunctions to victim entities. Have they really considered the impact on press/journalism and whether such injunctions are effective at all?

In the past month, we have learned that Manage My Health, Canopy Health, and Neighbourly were all granted injunctions to prevent downloading or sharing of data.

But do these injunctions really protect consumers and patients? Well, no, not really if the criminals leak data anyway.

Is the court just enabling entities to claim they have done everything they can to protect patients or consumers (well, other than actually preventing the breaches)?

Maybe entities should only be granted injunctions if they can first demonstrate that they had reasonable security protections in place and MFA, etc.?

#healthsec #cybersecurity #injunctions #incidentresponse #databreach

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2026-01-08

Methodist Homes of Alabama and Northwest Florida is notifying residents and employees of its second data breach in seven months.

I wonder what #HHSOCR will do when they investigate.

databreaches.net/2026/01/08/me

#HIPAA #SecurityRule #RiskAssessment #cybersecurity #healthsec

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-12-09

Updated my post on the Anubis attack on Mid South Pulmonary Specialists after getting additional info from Anubis.

It seems they used their wiper to delete all of MSPS's backups, and then encrypted all of their systems.

That sounds pretty grim. MSPS has not posted anything (perhaps they can't) or issued any notice anywhere about whether patient care has been affected at all by any breach.

databreaches.net/2025/12/07/th

#HIPAA #healthsec #cybersecurity #databreach #ransomware #Anubis #wiper #backups #incidentresponse

@campuscodi @amvinfe

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-12-07

Anubis hasn't really had a lot of media coverage, but @amvinfe's post about the attack on Mid South Pulmonary & Sleep Specialists was a wake-up call for me. So I took a look at Anubis's dark web leak site and saw they added -- and leaked -- five U.S. healthcare entities in November.

Given that they are not loath to encrypt and wipe victims' data... well... yikes.

My post:
databreaches.net/2025/12/07/th

#databreach #ransomware #Anubis #HealthSec #cybersecurity #HIPAA #wiper

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-11-18

NEW by me:

From bad to worse: Doctor Alliance hacked again by same threat actor

databreaches.net/2025/11/18/fr

This is a bad #databreach in terms of the #PII and #PHI acquired by the hacker, "Kazu," who is about to leak it all.
Oof.

Background: I reported on the first breach/attack a few days ago at databreaches.net/2025/11/12/do

When the CEO claimed it was all secured the same day, the hacker got ticked off and went back in and hacked them again.

#HealthSec #HIPAA #BusinessAssociate #thirdparty #vendor #hack #ransom #cybersecurity #incidentresponse

@zackwhittaker @campuscodi @euroinfosec @Hackread

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-11-01

NEW by me: Veradigm’s Breach Claims Under Scrutiny After Dark Web Leak

databreaches.net/2025/11/01/ve

This breach may have affected 2M of Veradigm's clients' patients, but it's pretty much flown under the media radar, and its explanation of how the breach occurred didn't make sense to me after I took a look at a data tranche.

#HealthSec #BusinessAssociate #vendor #hack #incidentresponse #transparency #notification #Rhysida #Veradigm #SunflowerMedicalGroup #databreach

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-10-25

I was checking the website of Legacy Health, LLC to see if they had posted a substitute notice about a breach they had reported to the Texas Attorney General's Office. There was no notice about the breach, but by golly, they had a graphic claiming they have a HIPAA SEAL OF COMPLIANCE and are HIPAA VERIFIED.

The shield also says "Compliancy group" as if that's a thing...?

Why oh why, hasn't HHS or the FTC or both ever cracked down on this misleading shite?

#databreach #HIPAA #deception #FTC #HHS #healthsec

A shield says HIPAA SEAL OF COMPLIANCE.
A banner across the shield says "Compliance Group"
Next to the shield, in bigger font, it says HIPAA / VERIFIED

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-10-22

NEW: Protected health information of 462,000 members of Blue Cross Blue Shield of Montana was involved in the massive Conduent data breach that occurred between October 2024 and January 2025.

Montana wants to know why this wasn't reported to the state sooner. We'd like to know that, too.

My post:
databreaches.net/2025/10/22/pr

#databreach #healthsec #HIPAA #HHS #BCBS #BCBSM #ransomware

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-10-11

Watsonville Community Hospital had a data breach -- or two. It would be helpful to know which.

databreaches.net/2025/10/10/wa

Entities that just ignore repeated inquiries should not count on the story going away. We will publish what we know and point out what we don't know because of an entity's lack of transparency.

#databreach #ransom #extortion #transparency #incidentresponse #healthsec #HIPAA #HITECH

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-10-09

This is the first HIPAA-regulated entity I've seen report that they were affected by the #Salesforce campaign.

They report that 2,095 people were affected, but the elements they report could be just PII, so I'm not sure if it's patient data or not.

I've reached out to HHS to ask whether they have been getting any reports related to Salesforce, but let's see if they answer me.

Here's the notification from Rectangle Health: mm.nh.gov/files/uploads/doj/re

They don't make any mention of any ransom demand.

Maybe I can get ShinyHunters to tell me more about this one. We'll see...

#HIPAA #databreach #Salesforce #BusAssociate #ThirdParty #HITECH #healthsec

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-10-03

"Healthcare Interactive, a company that develops AI-based medical insurance benefit enrollment and billing solutions, confirmed last week that it experienced a data breach that involved personal data from customers being moved offsite by hackers.

The exact number of impacted individuals was not revealed. However, the company said stolen data included names, dates of birth, Social Security numbers, contact information and health insurance enrollment data—including ID numbers.

The company also said claims and patient care details were also compromised, including patient diagnoses, provider names, lab results, medical images and treatment plans.

Medical claims were also possibly taken, which includes things like account numbers and billing codes."

More at healthexec.com/topics/health-i

#databreach #healthsec #AI #cybersecurity

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-09-27

@amvinfe It doesn't make sense that the covered entity would store 270k Social Security Numbers. And it makes even less sense that they'd store numbers that aren't valid SSNs. I really wish BBJI would respond to your inquiries.

#databreach #HealthSec #infosecurity #HIPAA

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-09-26

NEW: Archer Health was leaking protected health information. Criminals appear to have found it.

From the "No Need to Hack When It's Leaking" files:

databreaches.net/2025/09/26/ar

#dataleak #databreach #healthsec #cybersecurity #HIPAA

Dissent Doe :cupofcoffee: PogoWasRight@infosec.exchange
2025-09-11

Kivimäki walks free during appeal over Vastaamo data breach:

helsinkitimes.fi/finland/finla

It was one of the most vicious and disturbing data breaches of all time. If I ruled the world, he'd never see the light of day for even one day.

For those seeking background, just search databreaches.net for "Vastaamo" and then "Kivimaki"

#healthsec #infosecurity #hack #extortion #Vastaamo #databreach
