Urbanists.Social

1 post1 participant0 posts today

Dissent Doe :cupofcoffee:It sounds like Esse Health suffered a seriously impactful ransomware attack that affected their ability to access patient records and provide some patient care. I have not seen any group claim responsibility for this attack (yet), but here is a media link and link to Esse Health's undated update notice:<a href="https://www.firstalert4.com/2025/05/07/cyberattack-puts-healthcare-hold-hundreds-st-louis-metro/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.firstalert4.com/2025/05/07/cyberattack-puts-healthcare-hold-hundreds-st-louis-metro/</a> <a href="https://www.essehealth.com/network-updates/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.essehealth.com/network-updates/</a><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HealthSec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

Dissent Doe :cupofcoffee:Correcting one of my posts: It was not Atrium Health that owned the data Jeremiah Fowler reported on to Website Planet. I heard from Atrium Health today and it was Carolina Anesthesiology, P.A., who owned the data that were exposed. My corrected post is at: <a href="https://databreaches.net/2025/04/24/no-need-to-hack-when-its-leaking/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://databreaches.net/2025/04/24/no-need-to-hack-when-its-leaking/</a><a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dataleak</a>(I can't believe it but I just had to correct my correction on the name of the actual owners. Please make this week be over.)

Dissent Doe :cupofcoffee:Updating an incident: The InterLock ransomware gang has claimed responsibility for the DaVita attack. They claim to have exfiltrated  1,510 GB of data,  683,104 files, and  75,836 folders, and have leaked the file tree and some folder information.<a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/DaVita" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DaVita</a> <a href="https://infosec.exchange/tags/InterLock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InterLock</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a>

Dissent Doe :cupofcoffee:No need to hack when it’s leaking: Atrium Health edition: <a href="https://databreaches.net/2025/04/24/no-need-to-hack-when-its-leaking-atrium-health-edition/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://databreaches.net/2025/04/24/no-need-to-hack-when-its-leaking-atrium-health-edition/</a><a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/leak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#leak</a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a> <a href="https://infosec.exchange/tags/SecurityRule" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityRule</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

Dissent Doe :cupofcoffee:<a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@JayeLTee</a> SavantCare never responded to my inquiries, either. Prior to sending them questions, I simply queried them as to whether they are covered by HIPAA. They responded to that email by affirming that they are regulated by HIPAA. But then they ignored all the questions that followed about the leak, their data security, any business associate agreement with GRMTech, and whether they are notifying HHS and affected patients. <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a> <a href="https://infosec.exchange/tags/HHS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HHS</a> <a href="https://infosec.exchange/tags/incident_response" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incident_response</a> <a href="https://infosec.exchange/tags/leak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#leak</a>

Dissent Doe :cupofcoffee:UnitedHealth's Change Healthcare got a ton of what some might consider well-deserved bad press last year after a ransomware attack by AlphV/BlackCat. Now they're getting more bad press. UnitedHealth is demanding that some struggling doctors immediately repay loans issued after last year’s cyberattack. That wasn't the way the providers were told repayment would work in terms of when and how. <a href="https://infosec.exchange/tags/CNBC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CNBC</a> has the story:<a href="https://www.cnbc.com/2025/04/11/unitedhealth-makes-doctors-repay-loans-issued-after-change-cyberattack.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.cnbc.com/2025/04/11/unitedhealth-makes-doctors-repay-loans-issued-after-change-cyberattack.html</a><a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a>

Dissent Doe :cupofcoffee:From the We-Wish-This-Was-An-April-Fools-Joke-But-It’s-Not department:Vitenas Cosmetic Surgery patient data hacked and leaked<a href="https://databreaches.net/2025/04/01/vitenas-cosmetic-surgery-patient-data-hacked-and-leaked/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://databreaches.net/2025/04/01/vitenas-cosmetic-surgery-patient-data-hacked-and-leaked/</a><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#extortion</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a>

Dissent Doe :cupofcoffee:Oracle Health is becoming the poster child for how NOT to respond to a breach:<a href="https://www.bleepingcomputer.com/news/security/oracle-health-breach-compromises-patient-data-at-us-hospitals/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/oracle-health-breach-compromises-patient-data-at-us-hospitals/</a><a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#transparency</a>

Dissent Doe :cupofcoffee:Four months after learning of a vendor's breach, Concord Orthopaedics in NH notifies almost 68,000 patients. At the same time that they were mailing notifications, <a href="https://infosec.exchange/tags/EverestTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EverestTeam</a> was leaking 2.9 GB of files with patient info from 2018-2024. <a href="https://databreaches.net/2025/03/27/four-months-after-learning-of-a-vendors-breach-concord-orthopaedics-notifies-almost-68000-patients/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://databreaches.net/2025/03/27/four-months-after-learning-of-a-vendors-breach-concord-orthopaedics-notifies-almost-68000-patients/</a><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/ThirdParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThirdParty</a> <a href="https://infosec.exchange/tags/vendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vendor</a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HIPAA</a>

Dissent Doe :cupofcoffee:Health-care billing company Medical Billing Specialists Inc. (MBS Select) has been hit with a potential class action lawsuit over their 2024 breach.Notifications first went out a year after the attack by Akira ransomware group. <a href="https://databreaches.net/2025/02/26/medical-billing-vendor-sued-over-health-data-leak-gold-mine/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://databreaches.net/2025/02/26/medical-billing-vendor-sued-over-health-data-leak-gold-mine/</a>h/t, Bloomberg Law.Direct link to complaint: <a href="https://www.bloomberglaw.com/public/desktop/document/MarianoGuerravMedicalBillingSpecialistsIncDocketNo125cv10453DMass?doc_id=X7V6GF8O0QV9EOAVLKEKKSJCO87" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bloomberglaw.com/public/desktop/document/MarianoGuerravMedicalBillingSpecialistsIncDocketNo125cv10453DMass?doc_id=X7V6GF8O0QV9EOAVLKEKKSJCO87</a><a href="https://infosec.exchange/tags/BAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BAA</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/notification" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#notification</a>

Dissent Doe :cupofcoffee:From Bluesight's press release for the 2025 Breach Barometer, some of the key findings:<ul><li>More than 300 million patient records breached in 2024, a 26% increase over 2023. This included the largest healthcare breach ever recorded, affecting 1 in 2 Americans.</li><li>Insider threats, hackers and third-party relationships drove breach impact in 2024, with business associates accounting for the majority of breached records (77%) in the 2025 Breach Barometer dataset.</li><li>Breach notifications took an average of 205 days after an incident in 2024, compared to 177 days in the previous year.</li></ul>I'll have more details on some of these issues on my blog in the near future, but encourage you to download the full report now: <a href="https://bluesight.com/wp-content/uploads/2025/02/2025-Breach-Barometer-Annual-Report.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bluesight.com/wp-content/uploads/2025/02/2025-Breach-Barometer-Annual-Report.pdf</a>For those of you that read the Protenus Breach Barometer report I produced with Protenus every year beginning in 2016, Bluesight recently acquired Protenus and is continuing to produce the report in collaboration with my work. <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/statistics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#statistics</a> <a href="https://infosec.exchange/tags/analysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#analysis</a> <a href="https://infosec.exchange/tags/BAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BAA</a>

Dissent Doe :cupofcoffee:Update: On February 24, 2025, the Termite ransomware group claimed responsibility for the attack on Genea, a network of fertility (IVF) clinics in Australia.On their dark web leak site, Termite claims to have ~700 GB of data from Genea's servers,, including patient data. They posted a number of screenshots with patient records as proof of claims. <a href="https://infosec.exchange/tags/Genea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Genea</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/IVF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IVF</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/Termite" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Termite</a><a href="https://mastodon.social/@David_Hollingworth" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@David_Hollingworth</a>

Dissent Doe :cupofcoffee:Beverly Hills Plastic Surgeon Jaime Schwartz M.D. Sued for Not Timely Notifying Patients of Two Hacks: <a href="https://databreaches.net/2025/02/22/beverly-hills-plastic-surgeon-jaime-schwartz-m-d-sued-for-not-timely-notifying-patients-of-two-hacks/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://databreaches.net/2025/02/22/beverly-hills-plastic-surgeon-jaime-schwartz-m-d-sued-for-not-timely-notifying-patients-of-two-hacks/</a>h/t, <a href="https://infosec.exchange/tags/404media" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#404media</a> <a href="https://infosec.exchange/tags/Courtwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Courtwatch</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#extortion</a> <a href="https://infosec.exchange/tags/incident_response" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incident_response</a> <a href="https://infosec.exchange/tags/notification" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#notification</a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#transparency</a> <a href="https://infosec.exchange/tags/hack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hack</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#healthsec</a>

Recent searches

Search options

Administered by:

Server stats:

#healthsec