IT Security Incidents
Stay informed about real-world incidents that impact organizations and individuals. Get insights into data breaches, hacking attempts, and distributed denial-of-service (DDoS) attacks, along with expert analysis and recommended countermeasures.
Email Account Breaches Impact PHI of 40,000 Individuals
Three healthcare providers have reported data breaches that affected the email accounts of employees. The occurrences potentially resulted in the exposure and likely theft of the protected health information (PHI) of around 40,000 people. Region … Read more
82% Of Healthcare Companies Have Suffered an IoT Cyberattack during the Last 18 Months
Medigate and CrowdStrike performed new research which presented the degree to which hackers are attacking healthcare Internet of Things (IoT) devices and alerts about the disturbing status of IoT security in the medical care sector. … Read more
Ransomware Attacks Reported by Victory Health Partners and Strategic Benefits Advisors
Victory Health Partners Alerts Patients Concerning September 2021 Ransomware Attack Victory Health Partners based in Mobile, AL has informed patients concerning a ransomware attack it detected on September 23, 2021. Before the attackers encrypted the … Read more
University Hospital Newark Alerts 9,000 People About Historic Insider Data Breach
University Hospital Newark (NY) has found out that a former worker had accessed the protected health information(PHI) of thousands of patients without authorization over the duration of a year. That information was later disclosed to … Read more
19,000 People Impacted by Ransomware Attack on Directions for Living
The non-profit behavioral health service provider Directions for Living based in Clearwater, FL experienced a ransomware attack last July 17, 2021. When Directions for Living found out about the attack, it let law enforcement and … Read more
Alaska DHSS Claims May 2021 Cyberattack Has Potential Effect on All Alaskans
The Alaska Department of Health and Social Services (DHSS) will commence sending notification letters to all people in the state informing them about the possible exposure of their personal and health data due to a … Read more
Unauthorized Individuals Accessed CareATC Email Accounts
Population health management firm CareATC based in Tulsa, OK, has learned that unauthorized people have accessed the email accounts of two workers and possibly acquired access to the personal data of patients and workers. CareATC … Read more
SonicWall Threat Report Indicates Substantial Growth in Ransomware Attacks
SonicWall publicized a Cyber Threat Report update last July, which affirmed a significant rise in cyberattacks beginning 2020. From January to June of 2021, cryptojacking attacks went up by 23%, encrypted threats went up by … Read more
UNM Health Data Breach Impacts Over 637,000 Individuals
UNM Health found out that an unauthorized third party acquired access to its system and possibly viewed and copied files from that included patients’ protected health information (PHI). The healthcare provider discovered the security incident … Read more
Phishing Attacks at Academic HealthPlans and Wayne County Hospital
Academic HealthPlans, Inc. (AHP) learned that an unauthorized person has obtained access to the email accounts of two workers after they responded to phishing emails. AHP was informed of a potential breach upon detecting suspicious … Read more
Impact of Elekta Ransomware Attack on Advocate Aurora Health, Jefferson Health, and Intermountain Healthcare Confirmed
Three more healthcare providers reported that they were affected by the latest ransomware attack on Elekta Inc, the Swedish radiation therapy and radiosurgery provider. Elekta offers a web-based mobile software referred to as SmartClinic, which … Read more
Kaseya Security Update Resolves Vulnerabilities Exploited in KSA Ransomware Attack
Kaseya has reported a security update published for the Kaseya KSA remote management and tracking software program to resolve the zero-day vulnerabilities, which the REvil ransomware gang fairly recently exploited in attacks on its customers … Read more
Exploit Available for ‘PrintNightmare’ Zero-Day Windows Print Spooler RCE Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has given a notification after a proof of concept (PoC) exploit had been published for a zero-day vulnerability identified in the Windows Print Spooler service. The vulnerability was … Read more
Data Breaches at Arizona Asthma and Allergy Institute, Stillwater Medical Center and Nebraska Department of Health and Human Services
Arizona Asthma and Allergy Institute sent breach notification letters to 70,372 patients who obtained services between October 1, 2015 and June 15, 2020. As per the breach notice, a selection of their personal data and … Read more
Third-Party Phishing Attack Impacts Around 34,862 Lafourche Medical Group Patients
Urgent care center operator Lafourche Medical Group located in Louisiana has informed 34,862 patients regarding a security breach that likely impacted their protected health information (PHI). Lafourche Medical Group discovered on March 30, 2021 that … Read more
420,433 People Affected by Health Plan of San Joaquin Email Security Breach
Health Plan of San Joaquin (HPSJ), which is a not-for-profit service provider of Medi-Cal managed care based in French Camp, CA, learned that an unauthorized individual has obtained access to its email system and likely … Read more
President Biden Signs Expansive Executive Order to Enhance Federal Networks Cybersecurity
On May 13, 2021, President Biden signed a comprehensive Executive Order that seeks to appreciably strengthen cybersecurity protections for federal systems, enhance threat information sharing between the private sector, the government, and law enforcement, and … Read more
Hackers Stole the PHI of Over 200,000 Washington D.C. Health Plan Members
CareFirst BlueCross BlueShield Community Health Plan District of Columbia (CHPDC) is notifying its members with regards to a cyberattack that resulted in the theft of their protected health information (PHI). CHPDC, previously known as Trusted … Read more
Over 1.2 Million Health Net Members Impacted by Cyberattack on Accellion
A number of healthcare companies have lately affirmed they were impacted by the Accellion cyberattack last December 2020. The attack was connected to the Clop ransomware gang since its leak website had published parts of … Read more
Data Breaches at California Department of State Hospitals and Eyemart Express
The Department of State Hospitals (DSH) in California has learned a worker obtained access to the protected health information (PHI) of 1,415 present/former patients and 617 personnel without consent. The employee had an Information Technology … Read more
Phishing Attack on Saint Alphonsus Health System, Saint Agnes Medical Center and Southeastern Minnesota Center for Independent Living
Due to a phishing attack encountered by Saint Alphonsus Health System based in Boise, ID, the information of its patients was potentially compromised, including the data of patients of Saint Agnes Medical Center located in … Read more
100% of Screened mHealth Applications Prone to API Attacks
The personally identifiable health information of a huge number of people is being compromised by means of the Application Programming Interfaces (APIs) employed by mobile health (mHealth) apps, reported by a current study shared by … Read more
Ransomware Attacks on Ramsey County and Crisp Regional Health Services and Vulnerability in Vaccine Scheduling Application
The County Manager’s Office of Ramsey County, MN has begun informing 8,700 customers of its Family Health Division regarding the potential access of some of their personal data by unauthorized persons brought about by a … Read more
Emisoft Reports No Less Than 560 Ransomware Attacks on U.S. Healthcare Facilities in 2020
Ransomware attacks in 2020 had a huge impact on companies and organizations in America. Ransomware gangs targeted the healthcare and education sectors, the federal, state, and municipal governments and departments. These sectors had no less … Read more
500k PCs Infected with Cryptocurrency Mining Malware in 12 Hours by Dofoil Trojan
A huge campaign distributing the Dofoil Trojan has been discovered by Microsoft. The campaign has already witnessed almost half a million PCs infected with the malware in less than 12 hours. The Dofoil Trojan is … Read more
Ransomware Attack Disables Campbell County Health Services
A ransomware attack at Campbell County Health has disrupted hospital services and left the organization unable to access patient information. Campbell County Health, based in Gillette, Wyoming, stated that the ransomware attack began at 3:30 … Read more
Phishing Attack at East Central Indiana School Trust Affects 3,200 Individuals
East Central Indiana School Trust (ECIST) is notifying more than 3,200 individuals that a phishing attack may have compromised their protected health information (PHI). On May 22, 2019, the organization noticed suspicious activity on an … Read more
Over 70 Employee Email Accounts Compromised in Phishing Attack on NCH Healthcare System
NCH Healthcare System is preparing to notify patients that their protected health information may have been compromised in a phishing attack. On June 14, 2019, NCH Healthcare System, based in Bonita Springs, Florida, noticed suspicious … Read more
Western Connecticut Health Network Patient Information Exposed in Mailing Incident
Western Connecticut Health Network is sending breach notification letters to patients whose protected health information (PHI) may have been exposed in a postal incidence. On June 11, 2019, Western Connecticut Health Network (WCHN), now known … Read more
Hackers Targeting US Utilities Sector with Spear Phishing Campaign
Hackers impersonating the US National Council of Examiners for Engineering and Surveying (NCEES) are targeting business in the US utility sector through a new phishing campaign. Between July 19 and July 25 2019, the hackers … Read more
Perry County Medical Center Notifying Patients Following Phishing Attack
Perry County Medical Center, Inc. d/b/a Three Rivers Community Health Group, has announced that it is notifying patients following a phishing attack which saw patient data compromised. Perry Country Medical Center, a health care centre … Read more
Presbyterian Healthcare Services Notifies 183,000 Patients Following Data Breach
Presbyterian Healthcare Services is notifying 183,000 patients that an unauthorised individual accessed their personal data. The hackers gained access to the patient data after successfully fooling several employees into handing over their login credentials … Read more
Ransomware Attack at Imperial Health Affects 110,000 Patients
A ransomware attack at Imperial Health has compromised the protected health information of more than 116,000 patients. On May 19, 2019, Imperial Health, a physicians’ network in Southwest Louisiana, discovered that an unauthorized party … Read more
Wise Health Phishing Attack Affects 36,000 Patients
Wise Health System is sending breach notification letters to 36,000 patients following a phishing attack on their system. Wise Health System is a health care system with over 1,900 employees based in Decatur, Texas. The … Read more
Dominion Health Data Breach Affects 3 Million Members
Dominion National is notifying patients of a data security incident that first stated in 2010 and has affected nearly 3 million members. Dominion National is a health insurer, health plan administrator, and administrator of dental … Read more
Microsoft June 2019 Patch Tuesday
Microsoft has issued patches for 88 vulnerabilities this patch Tuesday. Of the vulnerabilities, 20 were rated critical. One servicing stack and 4 advisories were also released in the update. Microsoft stated that there was no … Read more
Microsoft May 2019 Patch Tuesday
Microsoft has issued patches for 79 vulnerabilities this May 2019 Patch Tuesday. Of the vulnerabilities, 22 were rated critical. Adobe also issued patches for 84 vulnerabilities, 50 of which were critical. One critical flaw addressed … Read more
Southern Hills Eye Care Ransomware Attack Reported
Southern Hills Eye Care in Sioux City, Iowa, has announced that a recent ransomware attack on their facility may have compromised patient PHI. Ransomware is a variant of malware that prevents which hackers use to … Read more
DePaul Reports Phishing Compromised Employee Email Account
The assisted living facility provider DePaul has announced that a successful phishing attack on its networks has compromised patient data. DePaul, which operates facilities in New York, North Carolina, and South Carolina, discovered the breach … Read more
Data Breach at Rush University Medical Center Affects 45,000 Patients
Rush University Medical Center has announced that a data breach incident at a financial services vendor has compromised the PHI of 45,000 of their patients. The financial services vendor informed Rush of the incident on … Read more
Unauthorised Individual Gains Access to St. Francis Health System Patient Data
The Bon Secours St. Francis Health System has announced that unauthorised individual gained access to some of their patients’ protected health information (PHI). The hacker compromised the systems of Milestone Family Medicine, a medical facility … Read more
ICS-CERT Issues Medical Advisory for Vulnerabilities Found in BD FACSLyric Flow Cytometry Solution
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a medical advisory about vulnerabilities found in the BD FACSLyric flow cytometry solution. ICS-CERT is a governmental organisation that works to reduce the risk … Read more
Cyberattack Disrupts Printing of Major Newspapers
An investigation has been launched into a recent cyberattack that disrupted the printing of several major newspapers. The cyberattack on Tribune Publishing, attributed to a malware infection, caused disruption to several newspaper print runs including … Read more
Cancer Centers of America Falls Victim to Phishing Attack
Cancer Centers of America’s Western Regional Medical Center in Bullhead City, Arizona, has recently fallen victim to a phishing attack which has exposed the protected health information (PHI) of over 41,000 individuals. The attack occurred … Read more
Massive Marriott Data Breach Discovered: 500 Million Guests Affected
A massive Marriott data breach has been detected which could affect as many as 500 million individuals who previously made bookings at Starwood Hotels and Resorts. While the data breach is not the largest ever … Read more
Beazley’s Publishes Breach Insights Report for Q3 2018
Beazley’s, a specialist insurance group, has released their quarterly Breach Insight Report for Q3 2018. The report concerned the attacks managed by Beazley Breach Response Services, which deals with the aftermath of an attack, including … Read more
Twin Phishing Attacks on Children’s Hospital of Philadelphia’s Results in Data Breach
Children’s Hospital of Philadelphia (CHOP) has announced that the email accounts of two employees have been compromised following cyberattacks on two August 23 and August 29, 2018. On August 24, CHOP, a paediatric healthcare facility … Read more
Reliable Respiratory Falls Victim to Phishing Attack
Reliable Respiratory, a respiratory care provider, has announced that it has fallen victim to a phishing attack. Reliable Respiratory, based in Norwood, MA, stated that IT staff discovered the breach when they detected suspicious activity … Read more
Medical Data from Closed Pennsylvania Obs/Gyn Clinic Found at Allentown Public Recycling Center
Private Medical Data has been found at a recycling center in Allentown, Pennsylvania. Paper files containing names, Social Security numbers, and medical histories, including details of cancer diagnoses and sexually transmitted diseases were located that the … Read more
12,172 Individuals Impacted by ShopRite Data Breach
Pharmacy customers of ShopRite Supermarkets, Inc. have been impacted by a security violation caused by the improper disposal of a device used to record the signatures of customers. The device was used at the ShopRite, … Read more