home.social

#businessassociate — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #businessassociate, aggregated by home.social.

  1. NEW by me:

    From bad to worse: Doctor Alliance hacked again by same threat actor

    databreaches.net/2025/11/18/fr

    This is a bad #databreach in terms of the #PII and #PHI acquired by the hacker, "Kazu," who is about to leak it all.
    Oof.

    Background: I reported on the first breach/attack a few days ago at databreaches.net/2025/11/12/do

    When the CEO claimed it was all secured the same day, the hacker got ticked off and went back in and hacked them again.

    #HealthSec #HIPAA #BusinessAssociate #thirdparty #vendor #hack #ransom #cybersecurity #incidentresponse

    @zackwhittaker @campuscodi @euroinfosec @Hackread

  2. NEW by me:

    From bad to worse: Doctor Alliance hacked again by same threat actor

    databreaches.net/2025/11/18/fr

    This is a bad #databreach in terms of the #PII and #PHI acquired by the hacker, "Kazu," who is about to leak it all.
    Oof.

    Background: I reported on the first breach/attack a few days ago at databreaches.net/2025/11/12/do

    When the CEO claimed it was all secured the same day, the hacker got ticked off and went back in and hacked them again.

    #HealthSec #HIPAA #BusinessAssociate #thirdparty #vendor #hack #ransom #cybersecurity #incidentresponse

    @zackwhittaker @campuscodi @euroinfosec @Hackread

  3. NEW by me:

    From bad to worse: Doctor Alliance hacked again by same threat actor

    databreaches.net/2025/11/18/fr

    This is a bad #databreach in terms of the #PII and #PHI acquired by the hacker, "Kazu," who is about to leak it all.
    Oof.

    Background: I reported on the first breach/attack a few days ago at databreaches.net/2025/11/12/do

    When the CEO claimed it was all secured the same day, the hacker got ticked off and went back in and hacked them again.

    #HealthSec #HIPAA #BusinessAssociate #thirdparty #vendor #hack #ransom #cybersecurity #incidentresponse

    @zackwhittaker @campuscodi @euroinfosec @Hackread

  4. NEW by me:

    From bad to worse: Doctor Alliance hacked again by same threat actor

    databreaches.net/2025/11/18/fr

    This is a bad #databreach in terms of the #PII and #PHI acquired by the hacker, "Kazu," who is about to leak it all.
    Oof.

    Background: I reported on the first breach/attack a few days ago at databreaches.net/2025/11/12/do

    When the CEO claimed it was all secured the same day, the hacker got ticked off and went back in and hacked them again.

    #HealthSec #HIPAA #BusinessAssociate #thirdparty #vendor #hack #ransom #cybersecurity #incidentresponse

    @zackwhittaker @campuscodi @euroinfosec @Hackread

  5. NEW by me:

    From bad to worse: Doctor Alliance hacked again by same threat actor

    databreaches.net/2025/11/18/fr

    This is a bad #databreach in terms of the #PII and #PHI acquired by the hacker, "Kazu," who is about to leak it all.
    Oof.

    Background: I reported on the first breach/attack a few days ago at databreaches.net/2025/11/12/do

    When the CEO claimed it was all secured the same day, the hacker got ticked off and went back in and hacked them again.

    #HealthSec #HIPAA #BusinessAssociate #thirdparty #vendor #hack #ransom #cybersecurity #incidentresponse

    @zackwhittaker @campuscodi @euroinfosec @Hackread

  6. NEW by me: Veradigm’s Breach Claims Under Scrutiny After Dark Web Leak

    databreaches.net/2025/11/01/ve

    This breach may have affected 2M of Veradigm's clients' patients, but it's pretty much flown under the media radar, and its explanation of how the breach occurred didn't make sense to me after I took a look at a data tranche.

    #HealthSec #BusinessAssociate #vendor #hack #incidentresponse #transparency #notification #Rhysida #Veradigm #SunflowerMedicalGroup #databreach

  7. NEW by me: Veradigm’s Breach Claims Under Scrutiny After Dark Web Leak

    databreaches.net/2025/11/01/ve

    This breach may have affected 2M of Veradigm's clients' patients, but it's pretty much flown under the media radar, and its explanation of how the breach occurred didn't make sense to me after I took a look at a data tranche.

    #HealthSec #BusinessAssociate #vendor #hack #incidentresponse #transparency #notification #Rhysida #Veradigm #SunflowerMedicalGroup #databreach

  8. NEW by me: Veradigm’s Breach Claims Under Scrutiny After Dark Web Leak

    databreaches.net/2025/11/01/ve

    This breach may have affected 2M of Veradigm's clients' patients, but it's pretty much flown under the media radar, and its explanation of how the breach occurred didn't make sense to me after I took a look at a data tranche.

    #HealthSec #BusinessAssociate #vendor #hack #incidentresponse #transparency #notification #Rhysida #Veradigm #SunflowerMedicalGroup #databreach

  9. NEW by me: Veradigm’s Breach Claims Under Scrutiny After Dark Web Leak

    databreaches.net/2025/11/01/ve

    This breach may have affected 2M of Veradigm's clients' patients, but it's pretty much flown under the media radar, and its explanation of how the breach occurred didn't make sense to me after I took a look at a data tranche.

    #HealthSec #BusinessAssociate #vendor #hack #incidentresponse #transparency #notification #Rhysida #Veradigm #SunflowerMedicalGroup #databreach

  10. NEW by me: Veradigm’s Breach Claims Under Scrutiny After Dark Web Leak

    databreaches.net/2025/11/01/ve

    This breach may have affected 2M of Veradigm's clients' patients, but it's pretty much flown under the media radar, and its explanation of how the breach occurred didn't make sense to me after I took a look at a data tranche.

    #HealthSec #BusinessAssociate #vendor #hack #incidentresponse #transparency #notification #Rhysida #Veradigm #SunflowerMedicalGroup #databreach

  11. Integrated Oncology Network victim of phishing attack; multiple locations affected:

    databreaches.net/2025/07/08/in

    No group seems to have claimed responsibility as yet and ION makes no mention of any extortion demand.

    #healthsec #cybersecurity #businessassociate #databreach

  12. Integrated Oncology Network victim of phishing attack; multiple locations affected:

    databreaches.net/2025/07/08/in

    No group seems to have claimed responsibility as yet and ION makes no mention of any extortion demand.

    #healthsec #cybersecurity #businessassociate #databreach

  13. Integrated Oncology Network victim of phishing attack; multiple locations affected:

    databreaches.net/2025/07/08/in

    No group seems to have claimed responsibility as yet and ION makes no mention of any extortion demand.

    #healthsec #cybersecurity #businessassociate #databreach

  14. Integrated Oncology Network victim of phishing attack; multiple locations affected:

    databreaches.net/2025/07/08/in

    No group seems to have claimed responsibility as yet and ION makes no mention of any extortion demand.

    #healthsec #cybersecurity #businessassociate #databreach

  15. Integrated Oncology Network victim of phishing attack; multiple locations affected:

    databreaches.net/2025/07/08/in

    No group seems to have claimed responsibility as yet and ION makes no mention of any extortion demand.

    #healthsec #cybersecurity #businessassociate #databreach

  16. Horizon Healthcare RCM is a business associate to numerous healthcare systems and entities.This past week, they disclosed that they were hit with a ransomware attack in December and that they paid to get the unnamed threat actor(s) to delete the stolen data.

    So far, they have not disclosed any numbers and none of their affected clients (assuming,for now, that there are affected clients) have reported the incident to HHS or any regulators that I can spot.

    This may or may not wind up being another big breach when we start finding out how many entities were affected and how many patients each. As always, going after third-party vendors is like "open sesame" for threat actors.

    databreaches.net/2025/06/29/ho

    #HealthSec #databreach #ransomware #cybersecurity #businessassociate

  17. Horizon Healthcare RCM is a business associate to numerous healthcare systems and entities.This past week, they disclosed that they were hit with a ransomware attack in December and that they paid to get the unnamed threat actor(s) to delete the stolen data.

    So far, they have not disclosed any numbers and none of their affected clients (assuming,for now, that there are affected clients) have reported the incident to HHS or any regulators that I can spot.

    This may or may not wind up being another big breach when we start finding out how many entities were affected and how many patients each. As always, going after third-party vendors is like "open sesame" for threat actors.

    databreaches.net/2025/06/29/ho

    #HealthSec #databreach #ransomware #cybersecurity #businessassociate

  18. Horizon Healthcare RCM is a business associate to numerous healthcare systems and entities.This past week, they disclosed that they were hit with a ransomware attack in December and that they paid to get the unnamed threat actor(s) to delete the stolen data.

    So far, they have not disclosed any numbers and none of their affected clients (assuming,for now, that there are affected clients) have reported the incident to HHS or any regulators that I can spot.

    This may or may not wind up being another big breach when we start finding out how many entities were affected and how many patients each. As always, going after third-party vendors is like "open sesame" for threat actors.

    databreaches.net/2025/06/29/ho

    #HealthSec #databreach #ransomware #cybersecurity #businessassociate

  19. Horizon Healthcare RCM is a business associate to numerous healthcare systems and entities.This past week, they disclosed that they were hit with a ransomware attack in December and that they paid to get the unnamed threat actor(s) to delete the stolen data.

    So far, they have not disclosed any numbers and none of their affected clients (assuming,for now, that there are affected clients) have reported the incident to HHS or any regulators that I can spot.

    This may or may not wind up being another big breach when we start finding out how many entities were affected and how many patients each. As always, going after third-party vendors is like "open sesame" for threat actors.

    databreaches.net/2025/06/29/ho

    #HealthSec #databreach #ransomware #cybersecurity #businessassociate

  20. Horizon Healthcare RCM is a business associate to numerous healthcare systems and entities.This past week, they disclosed that they were hit with a ransomware attack in December and that they paid to get the unnamed threat actor(s) to delete the stolen data.

    So far, they have not disclosed any numbers and none of their affected clients (assuming,for now, that there are affected clients) have reported the incident to HHS or any regulators that I can spot.

    This may or may not wind up being another big breach when we start finding out how many entities were affected and how many patients each. As always, going after third-party vendors is like "open sesame" for threat actors.

    databreaches.net/2025/06/29/ho

    #HealthSec #databreach #ransomware #cybersecurity #businessassociate

  21. NEW: Horizon Healthcare RCM discloses ransomware attack in December:

    databreaches.net/2025/06/29/ho

    The attack did encrypt files and it seems that Horizon paid to get data deleted.

    There is much we don't know yet, including how many patients total were affected, and which of their clients had affected patients.

    See the post for more information.

    #databreach #healthsec #ransomware #cybersecurity #businessassociate

    @campuscodi

  22. NEW: Horizon Healthcare RCM discloses ransomware attack in December:

    databreaches.net/2025/06/29/ho

    The attack did encrypt files and it seems that Horizon paid to get data deleted.

    There is much we don't know yet, including how many patients total were affected, and which of their clients had affected patients.

    See the post for more information.

    #databreach #healthsec #ransomware #cybersecurity #businessassociate

    @campuscodi

  23. NEW: Horizon Healthcare RCM discloses ransomware attack in December:

    databreaches.net/2025/06/29/ho

    The attack did encrypt files and it seems that Horizon paid to get data deleted.

    There is much we don't know yet, including how many patients total were affected, and which of their clients had affected patients.

    See the post for more information.

    #databreach #healthsec #ransomware #cybersecurity #businessassociate

    @campuscodi

  24. NEW: Horizon Healthcare RCM discloses ransomware attack in December:

    databreaches.net/2025/06/29/ho

    The attack did encrypt files and it seems that Horizon paid to get data deleted.

    There is much we don't know yet, including how many patients total were affected, and which of their clients had affected patients.

    See the post for more information.

    #databreach #healthsec #ransomware #cybersecurity #businessassociate

    @campuscodi

  25. NEW: Horizon Healthcare RCM discloses ransomware attack in December:

    databreaches.net/2025/06/29/ho

    The attack did encrypt files and it seems that Horizon paid to get data deleted.

    There is much we don't know yet, including how many patients total were affected, and which of their clients had affected patients.

    See the post for more information.

    #databreach #healthsec #ransomware #cybersecurity #businessassociate

    @campuscodi

  26. Alleged Geisinger hacker will defend himself pro se.

    What's that old adage about someone defending themself instead of using a lawyer? That they have a fool for a client?

    I've uploaded two of his filings -- the motion to defend pro se, which was granted, and now an emergency motion to be temporarily released from prison because... well, he gives some reasons. You'll see.

    databreaches.net/2025/06/18/al

    And fwiw, Nuance never responded to my inquiries at the time of his arrest asking about what kind of background check they had done because his history revealed a number of past run-ins with the law.

    #databreach #healthsec #businessassociate #HIPAA #insiderthreat #idtheft #fraud

  27. Alleged Geisinger hacker will defend himself pro se.

    What's that old adage about someone defending themself instead of using a lawyer? That they have a fool for a client?

    I've uploaded two of his filings -- the motion to defend pro se, which was granted, and now an emergency motion to be temporarily released from prison because... well, he gives some reasons. You'll see.

    databreaches.net/2025/06/18/al

    And fwiw, Nuance never responded to my inquiries at the time of his arrest asking about what kind of background check they had done because his history revealed a number of past run-ins with the law.

    #databreach #healthsec #businessassociate #HIPAA #insiderthreat #idtheft #fraud

  28. Alleged Geisinger hacker will defend himself pro se.

    What's that old adage about someone defending themself instead of using a lawyer? That they have a fool for a client?

    I've uploaded two of his filings -- the motion to defend pro se, which was granted, and now an emergency motion to be temporarily released from prison because... well, he gives some reasons. You'll see.

    databreaches.net/2025/06/18/al

    And fwiw, Nuance never responded to my inquiries at the time of his arrest asking about what kind of background check they had done because his history revealed a number of past run-ins with the law.

    #databreach #healthsec #businessassociate #HIPAA #insiderthreat #idtheft #fraud

  29. Alleged Geisinger hacker will defend himself pro se.

    What's that old adage about someone defending themself instead of using a lawyer? That they have a fool for a client?

    I've uploaded two of his filings -- the motion to defend pro se, which was granted, and now an emergency motion to be temporarily released from prison because... well, he gives some reasons. You'll see.

    databreaches.net/2025/06/18/al

    And fwiw, Nuance never responded to my inquiries at the time of his arrest asking about what kind of background check they had done because his history revealed a number of past run-ins with the law.

    #databreach #healthsec #businessassociate #HIPAA #insiderthreat #idtheft #fraud

  30. Alleged Geisinger hacker will defend himself pro se.

    What's that old adage about someone defending themself instead of using a lawyer? That they have a fool for a client?

    I've uploaded two of his filings -- the motion to defend pro se, which was granted, and now an emergency motion to be temporarily released from prison because... well, he gives some reasons. You'll see.

    databreaches.net/2025/06/18/al

    And fwiw, Nuance never responded to my inquiries at the time of his arrest asking about what kind of background check they had done because his history revealed a number of past run-ins with the law.

    #databreach #healthsec #businessassociate #HIPAA #insiderthreat #idtheft #fraud

  31. Episource is notifying 5.4 million patients of a cyberattack in January:

    databreaches.net/2025/06/17/ep

    Some media call this a #ransomware attack, but Episource does not mention any encryption of data and is silent on that question or any mention of any ransom demand. I cannot find any gang who has claimed responsibility for this incident or that has added it to any leak site.

    #healthsec #databreach #businessassociate

  32. Episource is notifying 5.4 million patients of a cyberattack in January:

    databreaches.net/2025/06/17/ep

    Some media call this a #ransomware attack, but Episource does not mention any encryption of data and is silent on that question or any mention of any ransom demand. I cannot find any gang who has claimed responsibility for this incident or that has added it to any leak site.

    #healthsec #databreach #businessassociate

  33. Episource is notifying 5.4 million patients of a cyberattack in January:

    databreaches.net/2025/06/17/ep

    Some media call this a #ransomware attack, but Episource does not mention any encryption of data and is silent on that question or any mention of any ransom demand. I cannot find any gang who has claimed responsibility for this incident or that has added it to any leak site.

    #healthsec #databreach #businessassociate

  34. Episource is notifying 5.4 million patients of a cyberattack in January:

    databreaches.net/2025/06/17/ep

    Some media call this a #ransomware attack, but Episource does not mention any encryption of data and is silent on that question or any mention of any ransom demand. I cannot find any gang who has claimed responsibility for this incident or that has added it to any leak site.

    #healthsec #databreach #businessassociate

  35. Episource is notifying 5.4 million patients of a cyberattack in January:

    databreaches.net/2025/06/17/ep

    Some media call this a #ransomware attack, but Episource does not mention any encryption of data and is silent on that question or any mention of any ransom demand. I cannot find any gang who has claimed responsibility for this incident or that has added it to any leak site.

    #healthsec #databreach #businessassociate