Ransomware Gangs Claim Three More Healthcare Victims

PeakTPA, a St. Louis, MO-based provider of health plan management and back-office services, has announced it suffered a cyberattack on or around December 28, 2020 in which protected health information was stolen. The security incident was detected on December 31 and involved two cloud servers used by the company to manage program of all-inclusive care… Read More »

NY Nurse Pleads Guilty to Tampering with a Consumer Product in HIPAA Case

A former Roswell Park Comprehensive Cancer Center nurse has pleaded guilty to tampering with a consumer product in a case involving fraud and HIPAA violations. In 2018, 6 patients of Roswell Park Comprehensive Cancer Center contracted a Sphingomonas paucimobilis bloodstream infection within the space of a few weeks. An investigation found syringes of hydromorphone had… Read More »

Hackers Access Live Feeds and Archived Footage from 150,000 Verkada Security Cameras

A hacking collective has gained access to the systems of the Californian security camera startup Verkada Inc. and the live feeds and archived footage from almost 150,000 cloud-connected surveillance cameras used by large corporations, schools, police departments, jails, and hospitals. As initially reported by Bloomberg, Verkada’s systems were accessed by a white hat hacking collective… Read More »

Multistate Settlement Resolves 2019 American Medical Collection Agency Data Breach Investigation

A coalition of 41 state Attorneys General has agreed to settle an investigation into Retrieval-Masters Creditors Bureau dba American Medical Collection Agency (AMCA) over a 2019 data breach that resulted in the exposure/theft of the protected health information of 21 million Americans. Retrieval-Masters Creditors Bureau is a debt collection agency, with its AMCA arm providing small… Read More »

New London Hospital Data Breach Affects Almost 35,000 Patients

New London Hospital in central New Hampshire has discovered an unauthorized individual gained access to a file on its network in July 2020 and may have obtained the protected health information of 34,878 patients. A third-party cybersecurity firm was engaged to assist with the investigation and determined on February 16, 2021 that the file was… Read More »