- The federal government published new HIPAA fine regulations:
- Minimum fine is now $187 per instance
- Maximum fine is now $2,067,813 for penalty year cap
- The FBI sent out a published warning to the healthcare industry in the USA about new ransomware attacks that can lead to destruction of all PHI for victims.
- Cascade Family Dental Clinics of Washington notified an over 2,500 number of patients that their PHI was exposed after hackers stole 130GB of data from network.
- Garn Mason Orthodontics of Arizona notified an unknown number of patients that their PHI was exposed after ransomware attack.
- GI Medical Services of New York notified an unknown number of patients that their PHI was exposed after ransomware attack.
- Community First Medical Center of Chicago, IL notified 216,047 patients that their PHI was exposed after ransomware attack.
- MNGI Digestive Health of Minnesota notified an unknown number of patients that their PHI was exposed after ransomware attack.
- Pain Care Specialists of Oregon notified an unknown number of patients that their PHI was exposed after ransomware attack.
- Eastern Connecticut Health Network notified an unknown number of patients that their PHI was exposed after ransomware attack.
- Mount Graham Regional Medical Center of Safford, Arizona, notified unknown number of patients that their PHI was exposed after ransomware attack.
- McLaren Health of Michigan notified 2.5 million patients that their PHI was exposed after ALPHV/BlackCat ransomware attack.
- Brooklyn Premier Orthopedics of New York notified an unknown number of patients that their PHI was exposed after 126GB of data was stolen by ransomware gang.
- Faquier County Public School District of Virginia notified an unknown number of students that their info may have been exposed after ransomware attack.
- Hinds County government in Jackson, Mississippi admitted it paid hackers a $300,000 ransom to gain control of its network, where ransomware exposed the info on an unknown number of citizens.
- Rock County government of Wisconsin notified an unknown number of citizens that their info was exposed after ransomware attack.
- Cleveland Clinic Mercy Hospital of Ohio stated that it had a “internal hardware failure” which caused a network disruption this past week.
- LA Care of California agreed to pay $1.3 million to settle allegations of negligence after a breach that exposed PHI of 2.7 million patients.
- Blackbaud agreed to pay $49.5 million to settle HIPAA lawsuit that impact patients in all 50 states after a huge data breach.
- 23andMe may be forced to notify a large number of its DNA testing customers after a ransomware attack.
- Facebook had its own account hacked and fake headlines were posted.
- MGM Resorts and Casinos in Las Vegas claim that unlike Caesars, they did NOT pay ransom to the hackers. However, getting system back up and running cost $110 million.
- St. Peter’s Health of Montana notified an unknown number of patients that their PHI may have been exposed by a former consultant.
- CarePointe ENT of Indiana was sued by the state alleging negligence after a breach exposed the PHI of 45,000 patients.
Original Post