Cybersecurity Updates
Kaseya Software, headquartered in Ireland, with US headquarters in Miami, Florida, notified 1,500 companies that use its software, and it was attacked by ransomware
o a result of an attack on its remote device management software
o the REvil hacking group in Russia is asking for $70 million in ransom in exchange for a universal decryption tool
- Practicefirst Medical Management Solutions notified 1.2 million patients that their PHI was exposed after ransomware attack
- Northwestern Medicine, headquartered in Chicago, IL notified 201,197 patients that their PHI was exposed after data breach on a cancer software program
- Marsh McLennan Cos. Inc. of New York City, NY notified an unknown number of customers that their info was exposed after ransomware attack.
- Dominion National Insurance, headquartered in Arlington, VA, agreed to pay $2 million to settle a lawsuit regarding data breach that exposed 2.9 million patients’ PHI in 2019.
- Wiregrass Electric Cooperative of Hartford, Alabama notified an unknown number of customers that their info may have been exposed after recent ransomware attack.
- Rehabilitation Support Services of New York notified more than 3,000 patients that their PHI was exposed after ransomware attack.
- Fairbanks Cancer Care Physicians of Alaska notified an unknown number of patients that their PHI was exposed after cybersecurity incident.
- CentraCare Health and Carris Health – Willmar Lakeland Clinic of Minnesota notified an unknown number of patients that their PHI was exposed after cybersecurity incident.
- Demetrius Cervantes of McKinney, Texas was sentenced by Eastern District of Texas court to 3 years in prison for stealing PHI and reselling it for $1.4 million.
- Discovery Practice Management, Authentic Recovery Center and Cliffside Malibu Rehab notified an unknown number of patients in Southern California that their PHI was exposed after email phishing attack.
- The Ohio State University Medical Center notified an unknown number of Post Traumatic Stress Disorder patients that their PHI was exposed after data breach.
- The University of Wisconsin Hospital and Clinics Authority notified 4,318 patients that their PHI was exposed after breach.
- Minnesota Community Care of St. Paul, MN notified 64,855 patients that their PHI was exposed after ransomware attack.
- BJC HealthCare of St. Louis, Missouri lost its case to try to dismiss a lawsuit filed against the hospital by patients who had their PHI exposed after data breach.