8fit
July 1, 2018
•[ leak, healthcare ]
In July 2018, the health and fitness service 8fit suffered a data breach. The data subsequently appeared for sale on a dark web marketplace in February 2019 and included over 15M unique email addresses alongside names, genders, IP addresses and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
Hunt Regional Medical Center
June 29, 2018
•[ hack, healthcare ]
Hunt Regional Medical Center notifies patients of a possible breach due to the hack of an employee email occurred on May 1st, 2018.
Humana
June 21, 2018
•[ hack, brute-force, healthcare ]
Health insurer Humana notifies an unspecified number of health plan members after detecting and blocking a credential stuffing attack against Humana.com and Go365.com. The attacks took place on June 3 and June 4 from overseas IP addresses.
Med Associates
June 19, 2018
•[ financial, healthcare ]
Med Associates notifies its patients that the facility suffered a data breach on March 22, when unusual activity was detected, potentially exposing PII, including medical diagnosis and payment card information of about 270,000 patients.
CarePartners
June 18, 2018
•[ hack, healthcare ]
CarePartners' computer system is breached and as a result patient and employee information including personal health and financial information, are inappropriately accessed.
Med Associates
June 14, 2018
•[ leak, healthcare ]
Med Associates, notifies of a security incident that may have compromised its patients protected information.
Black River Medical Center
June 13, 2018
•[ social, phishing, healthcare ]
Black River Medical Center in Missouri notifies an unspecified number of patients potentially affected by a phishing incident discovered on April 23.
Elmcroft Senior Living
June 8, 2018
•[ leak, healthcare ]
The personal information of Elmcroft Senior Living residents and their family members, employees and others could have been stolen in a data breach that occurred in mid-May.
RISE Wisconsin
June 7, 2018
•[ ransomware, malware, healthcare ]
RISE Wisconsin (formerly Community Partnerships and Center for Families) notifies its participants of a ransomware attack occurred on April 8, 2018.
MyHeritage
June 4, 2018
•[ leak, healthcare ]
MyHeritage, the genealogy website and DNA testing service, warns that the email addresses and hashed passwords of its customer database, approximately 92 million user accounts, have been found on a private server.
Holland Eye Surgery & Laser Center
June 2, 2018
•[ hack, healthcare ]
Holland Eye Surgery & Laser Center notifies 42,200 patients about a hack occurred in 2016.
Associates in Psychiatry and Psychology
May 24, 2018
•[ ransomware, malware, healthcare ]
Associates in Psychiatry and Psychology notifies 6,546 patients and the U.S. Department of Health and Human Services (HHS) of a ransomware incident that occurred in March.
Allied Physicians
May 20, 2018
•[ ransomware, malware, healthcare ]
Allied Physicians reports it was hit with a SamSam ransomware attack earlier this month (May 17).
LifeBridge Health
May 16, 2018
•[ hack, malware, healthcare ]
LifeBridge Health and LifeBridge Potomac Professionals notify patients about a malware incident that occurred back in March 18, 2018. The number of affected patients could be 500,000.
Family Planning NSW
May 14, 2018
•[ ransomware, malware, healthcare ]
Family Planning NSW tells customers their personal information may have been compromised after the not-for-profit fell victim to a ransomware attack. Around 8,000 users might be affected.
The Oregon Clinic
May 9, 2018
•[ hack, phishing, healthcare ]
The Oregon Clinic announces that a data security incident may have affected protected health information (PHI) after an unauthorized third party accessed an internal email account.
Billings Clinic
April 27, 2018
•[ hack, misconfiguration, healthcare ]
Billings Clinic notifies 949 patients of a breach affecting its email security system causing an unknown individual to access patients' information back in February.
Scenic Bluffs Community Health Centers
April 27, 2018
•[ hack, phishing, healthcare ]
Scenic Bluffs Community Health Centers notifies 2,889 patients of a potential breach of personal patient information after discovering March 1, 2018, that one staff email account had been hacked on Feb. 28, 2018, by an unauthorized party.
California's Center for Orthopaedic Specialists (COS)
April 18, 2018
•[ ransomware, malware, healthcare ]
California's Center for Orthopaedic Specialists (COS) discloses to have been hit by a ransomware attack. The incident impacts the records of approximately 85,000 patients across three facilities in West Hills, Simi Valley and Westlake Village.
Sangamo Therapeutics
April 18, 2018
•[ hack, phishing, healthcare ]
Sangamo Therapeutics announces a data security incident involving compromise of a senior executive's company email account.
