Southern College of Optometry
July 16, 2018
•[ hack, healthcare ]
The Southern College of Optometry notifies an undisclosed number of students whose student loan information and Social Security numbers were in an employee email account that was hacked.
University of Pittsburgh Medical Center - Cole
July 16, 2018
•[ social, phishing, healthcare ]
UPMC Cole has notified 790 patients treated at UPMC Cole that their personal information may have been inappropriately accessed after two phishing attacks on June 7 and June 14.
Mahatma Gandhi Mission Hospital
July 15, 2018
•[ ransomware, malware, healthcare ]
The Mahatma Gandhi Mission Hospital in Mumbai is hit by a ransomware attack.
Billings Clinic
July 13, 2018
•[ social, healthcare ]
Billings Clinic discloses a breach exposing details of 8,400 patients. The organization detected anomalous activity on one of the employees' email accounts on May 14, 2018. The investigation revealed the account was compromised while the employee was travelling.
Alive Hospice
July 13, 2018
•[ social, leak, phishing ]
Alive Hospice notifies patients whose personal and protected health information were in employee emails that were accessed by an unknown person or persons beginning on December 20, 2017 and again on April 5, 2018 after two employees fell prey to phishing attempts.
Cass Regional Medical Center
July 10, 2018
•[ ransomware, malware, healthcare ]
Cass Regional Medical Center, a Missouri health care center, announces that they have been affected by an undisclosed ransomware. This incident affected their internal communications system and their electronic health record (EHR) system.
MSK Group
July 5, 2018
•[ hack, healthcare ]
MSK Group notifies patients of a data security incident that they discovered on May 7, due to an unauthorized access to certain parts of the network at times over several month.
8fit
July 1, 2018
•[ leak, healthcare ]
In July 2018, the health and fitness service 8fit suffered a data breach. The data subsequently appeared for sale on a dark web marketplace in February 2019 and included over 15M unique email addresses alongside names, genders, IP addresses and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
Hunt Regional Medical Center
June 29, 2018
•[ hack, healthcare ]
Hunt Regional Medical Center notifies patients of a possible breach due to the hack of an employee email occurred on May 1st, 2018.
Humana
June 21, 2018
•[ hack, brute-force, healthcare ]
Health insurer Humana notifies an unspecified number of health plan members after detecting and blocking a credential stuffing attack against Humana.com and Go365.com. The attacks took place on June 3 and June 4 from overseas IP addresses.
Med Associates
June 19, 2018
•[ financial, healthcare ]
Med Associates notifies its patients that the facility suffered a data breach on March 22, when unusual activity was detected, potentially exposing PII, including medical diagnosis and payment card information of about 270,000 patients.
CarePartners
June 18, 2018
•[ hack, healthcare ]
CarePartners' computer system is breached and as a result patient and employee information including personal health and financial information, are inappropriately accessed.
Med Associates
June 14, 2018
•[ leak, healthcare ]
Med Associates, notifies of a security incident that may have compromised its patients protected information.
Black River Medical Center
June 13, 2018
•[ social, phishing, healthcare ]
Black River Medical Center in Missouri notifies an unspecified number of patients potentially affected by a phishing incident discovered on April 23.
Elmcroft Senior Living
June 8, 2018
•[ leak, healthcare ]
The personal information of Elmcroft Senior Living residents and their family members, employees and others could have been stolen in a data breach that occurred in mid-May.
RISE Wisconsin
June 7, 2018
•[ ransomware, malware, healthcare ]
RISE Wisconsin (formerly Community Partnerships and Center for Families) notifies its participants of a ransomware attack occurred on April 8, 2018.
MyHeritage
June 4, 2018
•[ leak, healthcare ]
MyHeritage, the genealogy website and DNA testing service, warns that the email addresses and hashed passwords of its customer database, approximately 92 million user accounts, have been found on a private server.
Holland Eye Surgery & Laser Center
June 2, 2018
•[ hack, healthcare ]
Holland Eye Surgery & Laser Center notifies 42,200 patients about a hack occurred in 2016.
Associates in Psychiatry and Psychology
May 24, 2018
•[ ransomware, malware, healthcare ]
Associates in Psychiatry and Psychology notifies 6,546 patients and the U.S. Department of Health and Human Services (HHS) of a ransomware incident that occurred in March.
Allied Physicians
May 20, 2018
•[ ransomware, malware, healthcare ]
Allied Physicians reports it was hit with a SamSam ransomware attack earlier this month (May 17).
