Data Breaches at California Department of State Hospitals and Eyemart Express

The Department of State Hospitals (DSH) in California has learned a worker obtained access to the protected health information (PHI) of 1,415 present/former patients and 617 personnel without consent. The employee had an Information Technology job and got access to data servers that contain sensitive patient and staff information so as to perform work assignments. … Read more

Phishing Attack on Saint Alphonsus Health System, Saint Agnes Medical Center and Southeastern Minnesota Center for Independent Living

Due to a phishing attack encountered by Saint Alphonsus Health System based in Boise, ID, the information of its patients was potentially compromised, including the data of patients of Saint Agnes Medical Center located in Fresno, CA. Saint Alphonsus detected strange activity in the email account of an employee on January 6, 2021. The provider … Read more

100% of Screened mHealth Applications Prone to API Attacks

The personally identifiable health information of a huge number of people is being compromised by means of the Application Programming Interfaces (APIs) employed by mobile health (mHealth) apps, according to a recent study shared by cybersecurity agency Approov. Ethical hacker and researcher Alissa Knight carried out the study to discover how well protected popular mHealth apps … Read more

Ransomware Attacks on Ramsey County and Crisp Regional Health Services and Vulnerability in Vaccine Scheduling Application

The County Manager’s Office of Ramsey County, MN has begun informing 8,700 customers of its Family Health Division regarding the potential access of some of their personal data by unauthorized persons brought about by a ransomware attack on its vendor Netgain Technology LLC. Netgain Technology LLC based in St. Cloud offers technology solutions to Ramsey … Read more

Emsisoft Reports No Less Than 560 Ransomware Attacks on U.S. Healthcare Facilities in 2020

Ransomware attacks in 2020 had a huge impact on companies and organizations in America. Ransomware gangs targeted the healthcare and education sectors, the federal, state, and municipal governments and departments. These sectors had no less than 2,354 attacks in 2020 as per the most recent State of Ransomware report of Emsisoft, a cybersecurity company based … Read more

Vulnerabilities Identified in Philips IntelliVue Firmware

Cybersecurity researchers have identified vulnerabilities in Philips IntelliVue WLAN firmware which could be exploited by hackers to install malware. Two vulnerabilities affect specific IntelliVue MP monitors. Hackers could use the vulnerabilities to install malicious firmware which could impact data flow and lead to an inoperable condition alert at the device and Central Station. Shawn Loveric, … Read more

Software Vulnerability Identified in Change Healthcare Cardiology Devices

Cybersecurity researchers have identified a flaw in Change Healthcare Cardiology, McKesson Cardiology, and Horizon Cardiology devices. Locally authenticated users could exploit the flaw to insert files that could allow the attacker to execute arbitrary code on a vulnerable device. Alfonso Powers and Bradley Shubin of Asante Information Security identified the flaw (CVE-2019-18630) and reported the … Read more

Hackers Targeting US Utilities Sector with Spear Phishing Campaign

Hackers impersonating the US National Council of Examiners for Engineering and Surveying (NCEES) are targeting businesses in the US utility sector through a new phishing campaign. Between July 19 and July 25, 2019, the hackers sent phishing emails to three utility companies in the US. In each case, the hackers attempted to infect the organization’s … Read more

Ransomware Attack at Imperial Health Affects 110,000 Patients

A ransomware attack at Imperial Health has compromised the protected health information of more than 116,000 patients. On May 19, 2019, Imperial Health, a physicians’ network in Southwest Louisiana, discovered that an unauthorized party had installed ransomware onto the network, encrypting files and a database used by Imperial Health’s Center for Orthopaedics (CFO). … Read more

Wise Health Phishing Attack Affects 36,000 Patients

Wise Health System is sending breach notification letters to 36,000 patients following a phishing attack on their system. Wise Health System is a health care system with over 1,900 employees based in Decatur, Texas. The breach occurred on March 14, 2019, when a hacker sent phishing emails to employees of the organization. Several employees were … Read more

Microsoft July 2019 Patch Tuesday

Microsoft has issued patches for 77 vulnerabilities this Patch Tuesday. Of the vulnerabilities, 15 were rated critical and two were actively exploited zero-day vulnerabilities. Six of the vulnerabilities patched this month had been previously disclosed to the public. The two actively exploited zero-days are both privilege escalation vulnerabilities. The first – CVE-2019-0880 – affects … Read more

Flaw in Dell SupportAssist Leaves Millions of PCs Vulnerable

A newly-identified privilege escalation flaw in Dell SupportAssist could leave millions of Dell PCs and laptops vulnerable to attack. Threat actors could employ malicious software to elevate their privileges to administrator level and hijack the device for their nefarious purposes. The flaw affects both the home (v 3.2.1 and prior) and business (v 2.0) versions … Read more

Microsoft June 2019 Patch Tuesday

Microsoft has issued patches for 88 vulnerabilities this Patch Tuesday. Of the vulnerabilities, 20 were rated critical. One servicing stack and 4 advisories were also released in the update. Microsoft stated that there was no evidence to suggest that threat actors had been actively exploiting the vulnerabilities in the wild. SandboxEscaper, a security researcher, identified … Read more

Microsoft May 2019 Patch Tuesday

Microsoft has issued patches for 79 vulnerabilities this May 2019 Patch Tuesday. Of the vulnerabilities, 22 were rated critical. Adobe also issued patches for 84 vulnerabilities, 50 of which were critical. One critical flaw addressed by Microsoft left affected users vulnerable to WannaCry-style malware attacks. This vulnerability (CVE-2019-0708) is in Remote Desktop Services and can … Read more

Oracle WebLogic Server Vulnerability Exploited Using Sodinokibi Ransomware

A vulnerability in Oracle WebLogic Server is being exploited in the wild by a new ransomware variant named Sodinokibi. On April 26, Oracle released an out-of-band patch to address the vulnerability (CVE-2019-2725). There have been several reported cases of the vulnerability being exploited in the wild. Oracle WebLogic Server is part of Oracle Middleware, a … Read more

Southern Hills Eye Care Ransomware Attack Reported

Southern Hills Eye Care in Sioux City, Iowa, has announced that a recent ransomware attack on their facility may have compromised patient PHI. Ransomware is a variant of malware which hackers use to extort victims. The malware prevents the victim from accessing their computer, or files on their computer until a ransom is … Read more

DePaul Reports Phishing Compromised Employee Email Account

The assisted living facility provider DePaul has announced that a successful phishing attack on its networks has compromised patient data. DePaul, which operates facilities in New York, North Carolina, and South Carolina, discovered the breach on February 1, 2019. IT security staff immediately took steps to secure the compromised account and block the unauthorised individual’s … Read more

ICS-CERT Issues Medical Advisory for Vulnerabilities Found in BD FACSLyric Flow Cytometry Solution

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a medical advisory about vulnerabilities found in the BD FACSLyric flow cytometry solution. ICS-CERT is a governmental organisation that works to reduce the risk of cybercrime to US businesses. The medical advisory stated the flaw in the device, manufactured by Becton, Dickinson, and Company … Read more

Cyberattack Disrupts Printing of Major Newspapers

An investigation has been launched into a recent cyberattack that disrupted the printing of several major newspapers. The cyberattack on Tribune Publishing, attributed to a malware infection, caused disruption to several newspaper print runs including those of the Los Angeles Times, San Diego Tribune, and the west coast editions of the New York Times and … Read more

Beazley’s Publishes Breach Insights Report for Q3 2018

Beazley’s, a specialist insurance group, has released their quarterly Breach Insight Report for Q3 2018. The report concerned the attacks managed by Beazley Breach Response Services, which deals with the aftermath of an attack, including the investigation and the breach response. One of the most prevalent findings of the report is the huge rise in … Read more

Twin Phishing Attacks on Children’s Hospital of Philadelphia Result in Data Breach

Children’s Hospital of Philadelphia (CHOP) has announced that the email accounts of two employees have been compromised following cyberattacks on August 23 and August 29, 2018. On August 24, CHOP, a paediatric healthcare facility and primary care provider, discovered an unauthorized individual had gained access to the email account of one of the physicians … Read more

Reliable Respiratory Falls Victim to Phishing Attack

Reliable Respiratory, a respiratory care provider, has announced that it has fallen victim to a phishing attack. Reliable Respiratory, based in Norwood, MA, stated that IT staff discovered the breach when they detected suspicious activity on an employee’s email account on July 3. The organisation immediately launched an investigation, which revealed that a hacker had … Read more

Proofpoint Announces Discovery of Marap Malware Strain

Proofpoint has announced the discovery of a new malware strain called Marap. Security researchers at Proofpoint stated that Marap malware is currently being used for gathering information about victims. The threat actor’s aim appears to be the creation of a network of infected users which they can target in future attacks. The malware operates by … Read more

Medical Data from Closed Pennsylvania Obs/Gyn Clinic Found at Allentown Public Recycling Center

Private medical data has been found at a recycling center in Allentown, Pennsylvania. Paper files containing names, Social Security numbers, and medical histories, including details of cancer diagnoses and sexually transmitted diseases, were located at the center by a city worker. The medical files appear to have belonged to Women’s Health Consultants, an obstetrics and gynecology … Read more

12,172 Individuals Impacted by ShopRite Data Breach

Pharmacy customers of ShopRite Supermarkets, Inc. have been impacted by a security violation caused by the improper disposal of a device used to record the signatures of customers. The device was used at the ShopRite, Kingston, NY location during the time period from 2005-2015 and saved personal and medical details. Customers who went to the … Read more

Extortion Attack on Private Information of Sports Medicine Clients

7,000 patients of Sports Medicine & Rehabilitation Therapy (SMART) have been alerted to a possible breach of their private personal information. It is believed the breach, which involved an extortion attempt, may have impacted anyone whose information was taken during a visit to a SMART center before the last day of 2016. The extortion attempt … Read more

1300 People Impacted by RiverMend Health Breach

An unauthorized person has been found to have obtained access to the email credentials of one of the employees at RiverMend Health, a provider of specialty behavioral health services including services for drug and alcohol addiction. The unauthorized access was discovered by the Augusta, GA-based group on August 10, 2017, when it was noticed that suspicious … Read more

PHI Exposure May Have Happened Following Theft of Unencrypted Laptop

Exposure of patients’ protected health information may have occurred after an unencrypted laptop computer was stolen from a car belonging to an employee of Bassett Family Practice in Virginia. The theft of the laptop is thought to have occurred during the weekend of 12/13 August. Patients were warned of the exposure of their private data … Read more

51,000 Plan Members Affected by Network Health Phishing Attack

Network Health, a Wisconsin-based insurer, has contacted 51,232 of its plan members to advise them that some of their protected health information (PHI) may have been obtained by unauthorized persons. Last August, a number of Network Health staff members received sophisticated phishing emails. Two of those members of staff replied to the scam correspondence and handed … Read more

Cybercriminals with Nation-State Support Responsible for Yahoo Attack

InfoArmor has claimed that data from the Yahoo breach of over one billion user accounts has already been purchased on the black market by multiple third parties on numerous occasions. Although Yahoo argues that a nation-state sponsored group was responsible for the hack, research carried out by InfoArmor indicates otherwise and a number of security experts … Read more

Global Reports of WannaCry Ransomware Attacks

There has been a huge increase in WannaCry ransomware attacks around the globe, including a new campaign being launched on Friday the 13th of May 2017. Unlike previous WannaCry ransomware attacks, the present campaign takes advantage of a vulnerability that is found in Server Message Block 1.0 (SMBv1). Zero day exploits are often employed by … Read more

US-CERT: SSL Inspection Tools Might Make Cybersecurity Weaker

A recent warning issued by US-CERT has advised that SSL inspection tools may actually do the opposite of what they are intended for; i.e. they might serve to weaken the cyber defenses of healthcare organizations rather than strengthen them – by making their computer systems more at risk of man-in-the-middle attacks. It should be noted … Read more

Wi-Fi Routers Infected by Switcher Trojan through Android Mobiles

Kaspersky Lab has identified a highly dangerous new Trojan which has been used to attack Wi-Fi routers through Android devices. The new form of malware, which has been dubbed the Switcher Trojan, is presently being employed to attack routers based in China. Nonetheless, Kaspersky Lab researchers have warned that the new malware could indicate a … Read more

Erie County Medical Center Patients Put at Risk by Apparent Ransomware Attack

Ashland Women’s Health confirmed in April 2017 that it had been the victim of a significant ransomware attack. 19,272 Ashland patients were affected. This followed confirmation the previous week that the ABCD Pediatrics ransomware attack had put 55,447 patients at risk. On Sunday 9th April, a third healthcare provider became aware that it had received a ‘virus’ … Read more

San Francisco Transport System Ransomware Attack Reported

A ransomware attack on the San Francisco Transport System in November 2016 resulted in the encryption of computers used by the city’s light rail system. The criminals responsible for the attack demanded a ransom of 100 Bitcoin (approximately $70,000) for the key to unlock the encryption. The San Francisco Municipal Transportation Agency (SFMTA) stated that although … Read more

ABCD Pediatrics Hit By Ransomware Attack Affecting 55,000 Patients

The private health information relating to more than 55,000 patients may have been compromised during a ransomware attack against ABCD Pediatrics on the 6th of February 2017. Attackers managed to access ABCD Pediatrics’ servers following which Dharma ransomware was installed and consequently some PHI was encrypted. Dharma ransomware has been identified by experts as … Read more

New PowerShell Remote Access Trojan Identified

Researchers at Cisco Talos have recently identified a new PowerShell remote access Trojan. The memory-resident malware is almost impossible to detect because it doesn’t write files to the computer’s hard drive and uses a new way of communicating with its C2. The infection is spread via a malicious Microsoft Word document sent as an email … Read more

Warning Issued by OCR to Providers of Healthcare Regarding Use of HTTPS Inspection Tools

Numerous healthcare organizations employ HTTPS inspection tools in order to monitor HTTPS connections for any malware which may be present. HTTPS inspection tools are used to decrypt secure HTTPS network traffic and verify content prior to re-encrypting traffic. The purpose of HTTPS inspection tools is to enhance security; however, the Department of Health and Human … Read more

Thousands of Sites at Risk from Newly Identified Zero Day WordPress Vulnerability

A Sucuri researcher has recently discovered a new zero day WordPress vulnerability in the WordPress REST API. The vulnerability permits content injection and the escalation of user privileges. Should it be exploited, an unauthenticated user might be able to make modifications to any content found on the WordPress sites, which could include the addition of … Read more