York Hospital
February 22, 2016
•[ leak, healthcare ]
York Hospital reports a breach of 1,483 employees' identifying information.
V-Tight Gel
February 13, 2016
•[ leak, healthcare ]
In approximately February 2016, data surfaced which was allegedly obtained from V-Tight Gel (vaginal tightening gel). Whilst the data set was titled V-Tight, within there were 50 other (predominantly wellness-related) domain names, most owned by the same entity. Multiple HIBP subscribers confirmed that although they couldn't recall providing data specifically to V-Tight, their personal information including name, phone and physical address was accurate. V-Tight Gel did not reply to multiple requests for comment.
British Association for Counselling and Psychotherapy
February 12, 2016
•[ ransomware, malware, healthcare ]
The first example of a ransomware targeting a website: the website of the British Association for Counselling and Psychotherapy is replaced with instructions on how to pay off the extortionists: $150 ( 100) in Bitcoin.
Magnolia Health Corporation
February 3, 2016
•[ social, phishing, healthcare ]
Magnolia Health Corporation suffers a breach after an unknown perpetrator uses MHC CEO Kensett Moyle's email address to request an Excel spreadsheet containing employee information.
jasacare
January 29, 2016
•[ hack, phishing, healthcare ]
JASACare reports to have been attacked by hackers who managed to gain access to its email system. As a consequence of the breach of an employee's email account, patient and employee data could have been potentially compromised.
Mercy Iowa City
January 26, 2016
•[ leak, malware, healthcare ]
Mercy Iowa City and Mercy Clinic notify patients that a malware discovered on their systems could have compromised the identities of 15,000 users.
Hurley Medical Center
January 21, 2016
•[ hack, healthcare ]
Hurley Medical Center in Flint, Mich. is hit by a cyber attack, one day after the hacktivist group, Anonymous, threatened to take action for the city's water crisis.
Royal Melbourne Hospital
January 19, 2016
•[ hack, malware, healthcare ]
The Royal Melbourne Hospital's core computer systems and personal computer systems have been infected by a virus. After two weeks the hospital still struggles to mitigate the infection.
Metropolitan Jewish Health System
January 18, 2016
•[ social, phishing, healthcare ]
Metropolitan Jewish Health System notifies members and patients of phishing incident, possibly involving 2,483 individuals.
Blue Shield of California
January 14, 2016
•[ leak, healthcare ]
Blue Shield of California announces that personal information from nearly 21,000 individual and family plan customers was accessed in a security breach late last year.
http://www
December 7, 2015
•[ hack, healthcare ]
GrenXPaRTa hacks befriending.co.uk and dumps 7325 usernames and hashed passwords.
Emergence Health Network
October 26, 2015
•[ hack, misconfiguration, healthcare ]
Emergence Health Network(EHN) notifies 11,100 patients of an unauthorized access of a server containing protected health information.
Siouxland Pain Clinic
August 1, 2015
•[ hack, healthcare ]
Siouxland Pain Clinic's computer system is hacked, putting at risk patient privacy. 13,000 users are potentially affected and an investigation suggests a possible Chinese origin for the attack.
Planned Parenthood
July 30, 2015
•[ hack, ddos, healthcare ]
Planned Parenthood websites are taken down by a DDoS attack and, according to the main page, undergoing maintenance.
Healthfirst
July 24, 2015
•[ leak, healthcare ]
New York-based Healthfirst notifies about 5,300 current and former members that their personal information may have been compromised in a criminal fraud scheme.
Saint Francis Hospital
June 5, 2015
•[ financial, malware, healthcare ]
The St. Francis Hospital in Tulsa, Oklahoma, revelas that the system processing card payments for its gift shop was comprmoised for a brief period, capturing financial data of the customers
Medical Information Engineering
June 2, 2015
•[ hack, healthcare ]
Medical Information Engineering (MIE), a medical software company, notifies customers of a cybersecurity incident that provided unauthorized access to its network and some patients' personal health information.
