lingo.lol is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for linguists, philologists, and other lovers of languages.

Server stats:

59
active users

#businessassociate

0 posts0 participants0 posts today
Healthcare IT Security Robot<p>DATE: January 30, 2025 at 08:21AM<br>SOURCE: HEALTHCARE INFO SECURITY</p><p>Direct article link at end of text block below.</p><p>What’s the largest <a href="https://mastodon.clinicians-exchange.org/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a> breach reported so far this year? <a href="https://t.co/5T4sABQt60" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">t.co/5T4sABQt60</span><span class="invisible"></span></a></p><p>Here are any URLs found in the article text: </p><p><a href="https://t.co/5T4sABQt60" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">t.co/5T4sABQt60</span><span class="invisible"></span></a></p><p>Articles can be found by scrolling down the page at <a href="https://www.healthcareinfosecurity.com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">healthcareinfosecurity.com/</span><span class="invisible"></span></a> under the title "Latest"</p><p>-------------------------------------------------</p><p>Private, vetted email list for mental health professionals: <a href="https://www.clinicians-exchange.org" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">clinicians-exchange.org</span><span class="invisible"></span></a></p><p>Healthcare security &amp; privacy posts not related to IT or infosec are at <span class="h-card" translate="no"><a href="https://mastodon.clinicians-exchange.org/@HIPAABot" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>HIPAABot</span></a></span> . Even so, they mix in some infosec with the legal &amp; regulatory information.</p><p>-------------------------------------------------</p><p><a href="https://mastodon.clinicians-exchange.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/healthcare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthcare</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/doctors" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>doctors</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/itsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>itsecurity</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/doxxing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>doxxing</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/psychotherapy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>psychotherapy</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/securitynews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securitynews</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/psychotherapist" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>psychotherapist</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/mentalhealth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mentalhealth</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/psychiatry" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>psychiatry</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/hospital" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hospital</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/socialwork" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>socialwork</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/datasecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>datasecurity</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/webbeacons" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webbeacons</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/cookies" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cookies</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/datanalytics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>datanalytics</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/healthcaresecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthcaresecurity</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/healthitsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthitsecurity</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/patientrecords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>patientrecords</span></a> <span class="h-card" translate="no"><a href="https://a.gup.pe/u/infosec" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>infosec</span></a></span> <a href="https://mastodon.clinicians-exchange.org/tags/telehealth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>telehealth</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/netneutrality" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>netneutrality</span></a> <a href="https://mastodon.clinicians-exchange.org/tags/socialengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>socialengineering</span></a></p>
Dissent Doe :cupofcoffee:<p>Medusa also claims to have hit American Medical Billing in Illinois. Medusa provides a number of internal files, including insurance. They are asking $150k to either delete all the data or download all the data. </p><p>I'm somewhat surprised that they are asking (only) 10k more for medically related info than for the school district listing. </p><p><a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/BusinessAssociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusinessAssociate</span></a></p>
Dissent Doe :cupofcoffee:<p>The Perry Johnson &amp; Associates (PJ&amp;A) breach that affected 1.2 million patients of Cook County Health in Illinois also affected millions of Northwell Health patients on Long Island,</p><p><a href="https://www.databreaches.net/pja-data-breach-also-affected-millions-of-northwell-health-patients/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">databreaches.net/pja-data-brea</span><span class="invisible">ch-also-affected-millions-of-northwell-health-patients/</span></a></p><p>PJ&amp;A is a medical transcription service so lots of <a href="https://infosec.exchange/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> and <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHI</span></a> appear to be involved in this one.</p><p>The actual breach/exfil occurred months ago. So far, I've not found any attribution, any indication of any extortion/ransom demand, or any group claiming responsibility for this one. </p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/BusinessAssociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusinessAssociate</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> </p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>BleepingComputer</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>campuscodi</span></a></span> <span class="h-card" translate="no"><a href="https://ioc.exchange/@jgreig" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>jgreig</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>briankrebs</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@euroinfosec" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>euroinfosec</span></a></span></p>
U.S. Politics in Real Time<p>Hunter Biden business associate testifies he has no knowledge of wrongdoing by Joe Biden</p><p><a href="https://www.msnbc.com/morning-joe/watch/hunter-biden-business-associate-testifies-he-has-no-knowledge-of-wrongdoing-by-joe-biden-190009413652" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">msnbc.com/morning-joe/watch/hu</span><span class="invisible">nter-biden-business-associate-testifies-he-has-no-knowledge-of-wrongdoing-by-joe-biden-190009413652</span></a></p><p><a href="https://mastodon.sdf.org/tags/MSNBC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MSNBC</span></a> <a href="https://mastodon.sdf.org/tags/HunterBiden" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HunterBiden</span></a> <a href="https://mastodon.sdf.org/tags/JoeBiden" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JoeBiden</span></a> <a href="https://mastodon.sdf.org/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a> <a href="https://mastodon.sdf.org/tags/wrongdoing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wrongdoing</span></a> <a href="https://mastodon.sdf.org/tags/testimony" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>testimony</span></a> <a href="https://mastodon.sdf.org/tags/Politics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Politics</span></a> <a href="https://mastodon.sdf.org/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a></p>
Dissent Doe :cupofcoffee:<p>In what may be the largest health data breach reported so far in 2023, Maximus, a government services contractor, notified the SEC in their 8-k filing on July 26 that the MOVEit breach affected 8-11 million people's information. </p><p>It's not clear from the wording of their report whether all of them had protected health information involved. Maximus also services other govt programs like student loans. They wrote:</p><p>"Based on the review of impacted files to date, the Company believes those files contain personal information, including social security numbers, protected health information and/or other personal information, of at least 8 to 11 million individuals to whom the Company anticipates providing notice of the incident."</p><p>I don't see Maximus listed on Clop's leak site. Anyone spot it? <br> <a href="https://www.databreaches.net/health-data-of-more-than-8-million-people-accessed-by-moveit-hackers-us-govt-contractor/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">databreaches.net/health-data-o</span><span class="invisible">f-more-than-8-million-people-accessed-by-moveit-hackers-us-govt-contractor/</span></a></p><p><a href="https://infosec.exchange/tags/Maximus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Maximus</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/Clop" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Clop</span></a> <a href="https://infosec.exchange/tags/MOVEit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MOVEit</span></a> <a href="https://infosec.exchange/tags/0day" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>0day</span></a> <a href="https://infosec.exchange/tags/BusinessAssociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusinessAssociate</span></a> <a href="https://infosec.exchange/tags/thirdparty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thirdparty</span></a> <a href="https://infosec.exchange/tags/vendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vendor</span></a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/HITECH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HITECH</span></a></p>
Dissent Doe :cupofcoffee:<p>Imagine360 discovered that two of its file-sharing platforms were hit within days of each other: <a href="https://www.databreaches.net/imagine360-discovers-that-two-of-its-file-sharing-platforms-were-hit-within-days-of-each-other/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">databreaches.net/imagine360-di</span><span class="invisible">scovers-that-two-of-its-file-sharing-platforms-were-hit-within-days-of-each-other/</span></a></p><p><a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hack</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/thirdparty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thirdparty</span></a> <a href="https://infosec.exchange/tags/vendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vendor</span></a> <a href="https://infosec.exchange/tags/BusinessAssociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusinessAssociate</span></a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>transparency</span></a> <a href="https://infosec.exchange/tags/Citrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Citrix</span></a> <a href="https://infosec.exchange/tags/Fortra" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortra</span></a> </p><p><span class="h-card"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span> <span class="h-card"><a href="https://ioc.exchange/@allan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>allan</span></a></span> <br><span class="h-card"><a href="https://infosec.exchange/@dangoodin" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dangoodin</span></a></span> <span class="h-card"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>campuscodi</span></a></span></p>
Dissent Doe :cupofcoffee:<p>Another business associate breach affecting multiple covered entities and patients. </p><p>R&amp;B Corporation of Virginia d/b/a Credit Control Corporation&nbsp; notified HHS that 345,523 patients were affected by an incident that involved exfiltration of data. CCC did not respond to inquiries as to whether there was any ransom demand or not and has not identified the attackers. </p><p>For background and the list of covered entities affected, see <a href="https://www.databreaches.net/another-business-associate-attacked-286699-patients-being-notified-of-attack-on-medical-debt-collection-firm/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">databreaches.net/another-busin</span><span class="invisible">ess-associate-attacked-286699-patients-being-notified-of-attack-on-medical-debt-collection-firm/</span></a></p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/businessassociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>businessassociate</span></a> <a href="https://infosec.exchange/tags/thirdparty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thirdparty</span></a> <a href="https://infosec.exchange/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.exchange/tags/hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hack</span></a> </p><p><span class="h-card"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span></p>
Dissent Doe :cupofcoffee:<p>A rough year for a business associate: First NextGen had a ransomware attack by AlphV, then they suffered a credential stuffing attack affecting more than 1 million patients. They say the credentials did not come from NextGen or any NextGen-related incident.</p><p><a href="https://www.databreaches.net/a-rough-year-first-a-ransomware-attack-then-a-credential-stuffing-attack-affecting-more-than-1-million-patients/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">databreaches.net/a-rough-year-</span><span class="invisible">first-a-ransomware-attack-then-a-credential-stuffing-attack-affecting-more-than-1-million-patients/</span></a></p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/BusinessAssociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusinessAssociate</span></a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/credentialstuffing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>credentialstuffing</span></a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> </p><p><span class="h-card"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>campuscodi</span></a></span> <span class="h-card"><a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>briankrebs</span></a></span> <span class="h-card"><a href="https://ioc.exchange/@allan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>allan</span></a></span> <span class="h-card"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span> <span class="h-card"><a href="https://infosec.exchange/@DevaOnBreaches" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>DevaOnBreaches</span></a></span></p>
Dissent Doe :cupofcoffee:<p>Brightline continues notifying clients of the GoAnywhere incident; count continues to rise. 900k so far and still counting?</p><p><a href="https://www.databreaches.net/brightline-continues-notifying-clients-of-goanywhere-incident-count-continues-to-rise/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">databreaches.net/brightline-co</span><span class="invisible">ntinues-notifying-clients-of-goanywhere-incident-count-continues-to-rise/</span></a></p><p>Still so much we don't know.</p><p>Brightline's external counsel let a state regulator know that Fortra <em>refused</em> to make notifications to patients and regulators, despite repeated requests.</p><p>I wonder if Fortra refused with all their clients and if so, how many clients they may have lost over that. </p><p>And there's still the issue of Clop trying to extort the clients directly. Ugh. </p><p><span class="h-card"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>campuscodi</span></a></span> <span class="h-card"><a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>briankrebs</span></a></span> <span class="h-card"><a href="https://mastodon.social/@zackwhittaker" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>zackwhittaker</span></a></span> <span class="h-card"><a href="https://mastodon.social/@arstechnica" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>arstechnica</span></a></span> <span class="h-card"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span> <span class="h-card"><a href="https://ioc.exchange/@jgreig" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>jgreig</span></a></span> </p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/BusinessAssociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusinessAssociate</span></a> <a href="https://infosec.exchange/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a> <a href="https://infosec.exchange/tags/Clop" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Clop</span></a> <a href="https://infosec.exchange/tags/Fortra" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortra</span></a> <a href="https://infosec.exchange/tags/GoAnywhere" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GoAnywhere</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/Notification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Notification</span></a> <a href="https://infosec.exchange/tags/Transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Transparency</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>extortion</span></a></p>
Dissent Doe :cupofcoffee:<p>ICYMI: DataBreaches has been tracking Fortra/GoAnywhere clients that had protected health information caught up in Clop's 0-day attack. </p><p>In Part 1, I cover 6 entities that have disclosed their breaches, in part or whole. Five of them are also listed on Clop's site because Clop tried to extort them directly: <a href="https://www.databreaches.net/the-fortra-goanywhere-breach-also-affected-healthcare-entities-heres-what-we-know-so-far/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">databreaches.net/the-fortra-go</span><span class="invisible">anywhere-breach-also-affected-healthcare-entities-heres-what-we-know-so-far/</span></a></p><p>In Part 2, I cover 8 U.S. and 1 Canadian entity where I could find no public disclosures. They, too, are on Clop's leak site and patient data is already leaking in most of these cases: <br><a href="https://www.databreaches.net/the-fortra-goanywhere-breach-also-affected-healthcare-entities-heres-what-we-know-so-far-part-2/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">databreaches.net/the-fortra-go</span><span class="invisible">anywhere-breach-also-affected-healthcare-entities-heres-what-we-know-so-far-part-2/</span></a></p><p>So once again, many patients are not finding out from the covered entities that their data is already exposed on the dark web.</p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/BusinessAssociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusinessAssociate</span></a> <a href="https://infosec.exchange/tags/Vendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vendor</span></a> <a href="https://infosec.exchange/tags/FileTransfer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FileTransfer</span></a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>transparency</span></a> <a href="https://infosec.exchange/tags/disclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>disclosure</span></a> <a href="https://infosec.exchange/tags/notification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>notification</span></a> <a href="https://infosec.exchange/tags/HHS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HHS</span></a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/HITECH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HITECH</span></a> </p><p><span class="h-card"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span> <span class="h-card"><a href="https://ioc.exchange/@allan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>allan</span></a></span> <span class="h-card"><a href="https://mastodon.social/@zackwhittaker" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>zackwhittaker</span></a></span> <span class="h-card"><a href="https://mastodon.social/@carlypage" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>carlypage</span></a></span></p>
Dissent Doe :cupofcoffee:<p>Diligent Corp. had to send more notifications after learning, the hard way, that a May 2022 hacking incident was even bigger than they had discovered: data that they hadn't thought had been accessed had been accessed and exfiltrated, and was now appearing on the internet. </p><p><a href="https://www.databreaches.net/bigger-than-they-knew-diligent-corp-sends-more-notifications-after-discovering-hacked-data-on-the-internet/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">databreaches.net/bigger-than-t</span><span class="invisible">hey-knew-diligent-corp-sends-more-notifications-after-discovering-hacked-data-on-the-internet/</span></a></p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/dataprotection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataprotection</span></a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPAA</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/forensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>forensics</span></a> <a href="https://infosec.exchange/tags/phi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phi</span></a> <a href="https://infosec.exchange/tags/BusinessAssociate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusinessAssociate</span></a> <a href="https://infosec.exchange/tags/SaaS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SaaS</span></a> <br><a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>transparency</span></a> </p><p><span class="h-card"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>campuscodi</span></a></span> <span class="h-card"><a href="https://ioc.exchange/@allan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>allan</span></a></span> <span class="h-card"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span> <span class="h-card"><a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GossiTheDog</span></a></span> <span class="h-card"><a href="https://mastodon.social/@zackwhittaker" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>zackwhittaker</span></a></span> @lawrenceabrams</p>