19 healthcare privacy incidents in October

Privacy incidents at government departments, medical device suppliers, hospitals and other healthcare organizations captured public attention last month.

While media outlets reported on the following breaches in October, healthcare organizations experienced breaches as early as 2002.

Here are 19 incidents covered by Becker's Hospital Review.

Note: The incidents are presented in order of number of patients or organizations affected.

1. A team of Check Point researchers discovered a botnet, dubbed "IoTroop," which has infected an estimated one million organizations across the globe, according to a report the San Carlos, Calif.-based cybersecurity company released Oct. 19.

2. The protected health information of an estimated 150,000 Americans using services from Layfayette, La.-based Patient Home Monitoring was discovered on a publicly accessible and unprotected Amazon cloud server.

3. Chase Brexton Health Care, a Baltimore-based group of community health clinics, plans to notify 16,562 patients about a security incident after four employees responded to a phishing attempt.

4. A former employee of Bogalusa, La.-based Our Lady of the Angels Hospital may have accessed thousands of patient records without authorization for nearly 15 years. 

5. Spokane, Wash.-based Mann-Grandstaff VA Medical Center notified 1,915 patients their protected health information may have been compromised in a theft earlier this year.  

6. Ashland, Mo.-based Namaste Health Care notified 1,600 patients its office experienced a cyberattack in August.

7. The Iowa Department of Human Services was targeted by a phishing campaign Aug. 23, the department announced Oct. 20 and it began to notify 820 individuals their protected health information may have been accessed.

8. The hack on accounting giant Deloitte, which compromised a server that stored the email addresses of about 350 clients, may have also jeopardized emails of four U.S. government departments, the United Nations and some of the world's biggest multinational corporations.

9. Toronto-based University Health Network is in the midst of reviewing five years' worth of online patient records after officials discovered four patients' information had been misplaced. 

10. Three Indiana pharmacists were issued reprimand letters by state regulators after investigators with the state attorney general's office found they had separately tried to access music star Prince's medical records shortly after his death.  

11. Researchers identified a flaw in the security protocol that protects nearly all Wi-Fi networks, which could compromise almost all wireless-enabled devices.

12. The American Society for Reproductive Medicine delivered email warnings to its members regarding a recently-surfaced impostor website.  

13. The Department of Homeland Security U.S. Computer Emergency Readiness Team issued an alert Oct. 24 for a new strain of ransomware called "Bad Rabbit."

14. Pinehurst, N.C.-based FirstHealth of the Carolinas suffered from a malware threat the health system's IT team detected Oct 17, which it determined to be a variant of WannaCry. 

15. Unalaska, Alaska-based Iliuliuk Family and Health Services launched an investigation into a computer system breach that reportedly took place in August.

16. The Government Accountability Office plans to launch a probe into a cyberattack that reportedly targeted the Federal Communications Commission in May.  

17. Accenture reportedly exposed sensitive customer data on four misconfigured Amazon cloud servers, which might have allowed those with the web addresses to download the information.

18. A September audit determined that Georgia's Department of Community Health "exposes itself to unnecessary risk of error, misuse, fraud or loss of data'' that could impact claims and payment processing of Medicaid members. 

19. A 2015 breach to the National Security Agency may have exposed its cyberwarfare strategy. 

More articles on cybersecurity: 

10 tips for incorporating patient health trackers into an EHR

Survey: Only 1 in 4 providers strongly agree EHRs prepared them for new healthcare economy

Thomas Health System cuts 10 employees in consolidation effort

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars