Arizona Asthma and Allergy Institute Notifies 70,372 Patients About Data Breach
Arizona Asthma and Allergy Institute has issued breach notification letters to 70,372 patients who received services between October 1, 2015 and June 15, 2020. According to the breach notice, a range of their personal and protected health information including names, patient ID numbers, provider names, health insurance information, and treatment cost information was exposed online under the name of a different organization for a brief period in September 2020. After being alerted about the exposed data, a third-party forensics company was engaged to investigate the breach. The investigation concluded on March 8, 2021 and confirmed that protected health information had been exposed. According to databreaches.net, which contacted Arizona Asthma and Allergy Institute to alert them about the breach, this was a ransomware attack by the Maze ransomware operation. Sensitive data obtained in the breach had been posted to the Maze Group’s data leak site for a short period in September under the name Medical Management Inc. Stillwater Medical Center Investigation Security Breach Stillwater...
SEIU 775 Benefits Group Data Breach Impacts 140,000 Individuals
A benefits administrator for home healthcare and nursing home workers, Service Employees International Union 775 (SEIU 775) Benefits Group, has experienced a cyberattack that resulted in the deletion of sensitive data. IT staff detected anomalies within SEIU 775’s data systems on or around April 4, 2021, which included the deletion of certain data. An investigation was launched into the malicious activity, led by third-party cybersecurity experts and forensic consultants. The investigation confirmed that its systems had been hacked and the data of unknown individuals had been deleted, including personally identifiable and protected health information. While information was deleted, no evidence was found to indicate any PII or PHI was viewed or acquired by the attackers and there have been no reported cases of misuse of data. Data potentially compromised included names, addresses, and demographic data along with Social Security numbers and potentially health plan eligibility information. Upon discovery of the malicious activity, steps were immediately taken to prevent further...
Avaddon Ransomware Operation Shuts Down and Releases Decryption Keys
The Avaddon ransomware-as-a-service operation was shut down on Friday and the threat group released the decryption keys for all victims. Bleeping Computer was sent an email with password and a link to a password protected ZIP file that contained the private keys for 2,934 Avaddon ransomware victims. The keys were confirmed as legitimate by Emsisoft and Coveware, with the former now having released a free decryptor that can be used by all Avaddon ransomware victims to decrypt their files. Avaddon is a relatively new ransomware-as-a-service operation which started up in March 2020. The threat group behind the operation recruited affiliates to conduct attacks and provided them with a portal through which they could generate copies of the ransomware to conduct their own attacks. All ransoms generated were then shared between the affiliate and the RaaS operator. It is not uncommon for RaaS operations to suddenly stop and release the keys for victims that have not yet paid, but the timing of the shut down suggests the RaaS operator may have got nervous with the increased focus of...
Houston Hospital Workers’ Lawsuit over Vaccine Mandate Dismissed by Federal Judge
Many U.S. employers have implemented a policy that requires their workers to be vaccinated against COVID-19, including several major healthcare systems and hospitals. These policies are in line with the guidance issued by the U.S. Equal Employment Opportunity Commission last month, which confirmed that U.S. employers are within their rights to require their employees to be vaccinated, with certain exceptions such as on medical or religious grounds. Houston Methodist Hospital in Texas introduced its vaccine mandate to ensure patients were protected against COVID-19 and set a June 7, 2021 deadline for employees to be vaccinated. While the majority of workers at Houston Methodist Hospital have been or have agreed to receive a COVID-19 vaccine, On Monday June 7, a walkout was staged by a small minority of workers over the vaccine requirements. On Tuesday, the hospital took the decision to suspend 178 workers without pay over their refusal to be inoculated. A lawsuit was brought by 117 of those workers, with lead plaintiff, Jennifer Bridges, claiming that if she is dismissed for...
IT Security Company COO Charged with Cyberattack on Georgia Medical Center
The Chief Operating Officer of an IT security firm has been charged over a financially motivated cyberattack on Gwinnett Medical Center in Lawrenceville, GA in September 2018. Vikas Singla, 45, of Marietta, GA is the COO of Securolytics, a network security company in the metro Atlanta region. On June 8, 2021, Singla was indicted by a federal grand jury for allegedly accessing the systems of the healthcare provider, disrupting its phone and network printer services, and stealing information from a Hologic R2 digitizing device. According to the Department of Justice, the attack was conducted, in part, for financial gain and commercial advantage. According to court documents at least 10 protected computers were damaged in the attack. It is unclear whether Singla or his IT company had any previous business relationship with Gwinnett Medical Center and why the medical center was targeted. Singla was arraigned in the U.S. District Court for the Northern District of Georgia on June 10, 2021, and was charged with 17 counts of causing intentional damage to a protected computer and one count...



