Resources

An Adaptive Health Integrations data breach has recently been reported to the Department of Health and Human Services’ Office for Civil Rights (OCR) that involved the protected health information (PHI) of 510,574 individuals.

Newman Regional Health in Emporia, Kansas disclosed a data breach that impacted 52,224 individuals. The 25-bed critical access hospital said that an unauthorized actor gained access to a limited number of email accounts between January 26, 2021, and November 23, 2021.

The U.S. Department of Health and Human Services Office for Civil Rights was made aware of the breach.

Okta said Tuesday that a forensic investigation that it commissioned found that the hacker group Lapsus$ accessed two active customer tenants during the January breach of a third-party support firm.

Newman Regional Health (NRH), which operates a 25-bed critical access hospital in Emporia, KS, has recently started notifying 52,224 patients that unauthorized individuals have gained access to certain employee email accounts that contained protected health information.

An unknown attacker breached GitHub to download data from scores of private code repositories including that of npm — the world’s largest software registry with 75 billion downloads a month — the company has confirmed in a hugely troubling cybersecurity incident. GitHub says it and other affected companies were compromised after the attacker stole authentication tokens from two other upstream software firms.

The number of publicly reported data breaches in the US has increased by double-digit year-on-year, for the first three months of 2022, according to the Identity Theft Resource Center (ITRC). Between January to March, there were 404 publicly-reported data compromises country wide, representing a 14% increase compared to the same period last year.

A lawsuit has been filed against the in-home respiratory care provider, SuperCare Health, over a cyberattack and data breach that was reported to the Department of Health and Human Services on March 28, 2022. The incident involved the exposure and potential theft of the protected health information of 318,400 patients, including names, addresses, birth dates patient account numbers, medical record numbers, health insurance information, testing, diagnostic, treatment, and claims information. A subset of individuals also had their Social Security numbers and/or driver’s license numbers exposed.

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

Urgent Team Holdings, which operates more than 70 urgent care and walk-in centers in Alabama, Arkansas, Georgia, Mississippi, and Tennessee, has recently notified 166,601 patients that some of their protected health information may have been obtained by unauthorized individuals in a November 2021 cyberattack.