IT Security Incidents

Three healthcare providers have reported data breaches that affected the email accounts of employees. The occurrences potentially resulted in the exposure and likely theft of the protected health information (PHI) of around 40,000 people. Region … Read more

Medigate and CrowdStrike performed new research which presented the degree to which hackers are attacking healthcare Internet of Things (IoT) devices and alerts about the disturbing status of IoT security in the medical care sector. … Read more

Victory Health Partners Alerts Patients Concerning September 2021 Ransomware Attack Victory Health Partners based in Mobile, AL has informed patients concerning a ransomware attack it detected on September 23, 2021. Before the attackers encrypted the … Read more

University Hospital Newark (NY) has found out that a former worker had accessed the protected health information(PHI) of thousands of patients without authorization over the duration of a year. That information was later disclosed to … Read more

The non-profit behavioral health service provider Directions for Living based in Clearwater, FL experienced a ransomware attack last July 17, 2021. When Directions for Living found out about the attack, it let law enforcement and … Read more

The Alaska Department of Health and Social Services (DHSS) will commence sending notification letters to all people in the state informing them about the possible exposure of their personal and health data due to a … Read more

Population health management firm CareATC based in Tulsa, OK, has learned that unauthorized people have accessed the email accounts of two workers and possibly acquired access to the personal data of patients and workers. CareATC … Read more

SonicWall publicized a Cyber Threat Report update last July, which affirmed a significant rise in cyberattacks beginning 2020. From January to June of 2021, cryptojacking attacks went up by 23%, encrypted threats went up by … Read more

UNM Health found out that an unauthorized third party acquired access to its system and possibly viewed and copied files from that included patients’ protected health information (PHI). The healthcare provider discovered the security incident … Read more

Academic HealthPlans, Inc. (AHP) learned that an unauthorized person has obtained access to the email accounts of two workers after they responded to phishing emails. AHP was informed of a potential breach upon detecting suspicious … Read more

Three more healthcare providers reported that they were affected by the latest ransomware attack on Elekta Inc, the Swedish radiation therapy and radiosurgery provider. Elekta offers a web-based mobile software referred to as SmartClinic, which … Read more

Kaseya has reported a security update published for the Kaseya KSA remote management and tracking software program to resolve the zero-day vulnerabilities, which the REvil ransomware gang fairly recently exploited in attacks on its customers … Read more

The Cybersecurity and Infrastructure Security Agency (CISA) has given a notification after a proof of concept (PoC) exploit had been published for a zero-day vulnerability identified in the Windows Print Spooler service. The vulnerability was … Read more

Arizona Asthma and Allergy Institute sent breach notification letters to 70,372 patients who obtained services between October 1, 2015 and June 15, 2020. As per the breach notice, a selection of their personal data and … Read more

Urgent care center operator Lafourche Medical Group located in Louisiana has informed 34,862 patients regarding a security breach that likely impacted their protected health information (PHI). Lafourche Medical Group discovered on March 30, 2021 that … Read more

Health Plan of San Joaquin (HPSJ), which is a not-for-profit service provider of Medi-Cal managed care based in French Camp, CA, learned that an unauthorized individual has obtained access to its email system and likely … Read more

On May 13, 2021, President Biden signed a comprehensive Executive Order that seeks to appreciably strengthen cybersecurity protections for federal systems, enhance threat information sharing between the private sector, the government, and law enforcement, and … Read more

CareFirst BlueCross BlueShield Community Health Plan District of Columbia (CHPDC) is notifying its members with regards to a cyberattack that resulted in the theft of their protected health information (PHI). CHPDC, previously known as Trusted … Read more

A number of healthcare companies have lately affirmed they were impacted by the Accellion cyberattack last December 2020. The attack was connected to the Clop ransomware gang since its leak website had published parts of … Read more

The Department of State Hospitals (DSH) in California has learned a worker obtained access to the protected health information (PHI) of 1,415 present/former patients and 617 personnel without consent. The employee had an Information Technology … Read more

Due to a phishing attack encountered by Saint Alphonsus Health System based in Boise, ID, the information of its patients was potentially compromised, including the data of patients of Saint Agnes Medical Center located in … Read more

The personally identifiable health information of a huge number of people is being compromised by means of the Application Programming Interfaces (APIs) employed by mobile health (mHealth) apps, reported by a current study shared by … Read more

The County Manager’s Office of Ramsey County, MN has begun informing 8,700 customers of its Family Health Division regarding the potential access of some of their personal data by unauthorized persons brought about by a … Read more

Ransomware attacks in 2020 had a huge impact on companies and organizations in America. Ransomware gangs targeted the healthcare and education sectors, the federal, state, and municipal governments and departments. These sectors had no less … Read more

A huge campaign distributing the Dofoil Trojan has been discovered by Microsoft. The campaign has already witnessed almost half a million PCs infected with the malware in less than 12 hours. The Dofoil Trojan is … Read more

A ransomware attack at Campbell County Health has disrupted hospital services and left the organization unable to access patient information.  Campbell County Health, based in Gillette, Wyoming, stated that the ransomware attack began at 3:30 … Read more

East Central Indiana School Trust (ECIST) is notifying more than 3,200 individuals that a phishing attack may have compromised their protected health information (PHI). On May 22, 2019, the organization noticed suspicious activity on an … Read more

NCH Healthcare System is preparing to notify patients that their protected health information may have been compromised in a phishing attack. On June 14, 2019, NCH Healthcare System, based in Bonita Springs, Florida, noticed suspicious … Read more

Western Connecticut Health Network is sending breach notification letters to patients whose protected health information (PHI) may have been exposed in a postal incidence.  On June 11, 2019, Western Connecticut Health Network (WCHN), now known … Read more

Hackers impersonating the US National Council of Examiners for Engineering and Surveying (NCEES) are targeting business in the US utility sector through a new phishing campaign.  Between July 19 and July 25 2019, the hackers … Read more

Perry County Medical Center, Inc. d/b/a Three Rivers Community Health Group, has announced that it is notifying patients following a phishing attack which saw patient data compromised.  Perry Country Medical Center, a health care centre … Read more

Presbyterian Healthcare Services is notifying 183,000 patients that an unauthorised individual accessed their personal data.   The hackers gained access to the patient data after successfully fooling several employees into handing over their login credentials … Read more

A ransomware attack at Imperial Health has compromised the protected health information of more than 116,000 patients.   On May 19, 2019, Imperial Health, a physicians’ network in Southwest Louisiana, discovered that an unauthorized party … Read more

Wise Health System is sending breach notification letters to 36,000 patients following a phishing attack on their system. Wise Health System is a health care system with over 1,900 employees based in Decatur, Texas. The … Read more

Dominion National is notifying patients of a data security incident that first stated in 2010 and has affected nearly 3 million members. Dominion National is a health insurer, health plan administrator, and administrator of dental … Read more

Microsoft has issued patches for 88 vulnerabilities this patch Tuesday. Of the vulnerabilities, 20 were rated critical. One servicing stack and 4 advisories were also released in the update. Microsoft stated that there was no … Read more

Microsoft has issued patches for 79 vulnerabilities this May 2019 Patch Tuesday. Of the vulnerabilities, 22 were rated critical. Adobe also issued patches for 84 vulnerabilities, 50 of which were critical. One critical flaw addressed … Read more

Southern Hills Eye Care in Sioux City, Iowa, has announced that a recent ransomware attack on their facility may have compromised patient PHI. Ransomware is a variant of malware that prevents which hackers use to … Read more

The assisted living facility provider DePaul has announced that a successful phishing attack on its networks has compromised patient data. DePaul, which operates facilities in New York, North Carolina, and South Carolina, discovered the breach … Read more

Rush University Medical Center has announced that a data breach incident at a financial services vendor has compromised the PHI of 45,000 of their patients. The financial services vendor informed Rush of the incident on … Read more

The Bon Secours St. Francis Health System has announced that unauthorised individual gained access to some of their patients’ protected health information (PHI). The hacker compromised the systems of Milestone Family Medicine, a medical facility … Read more

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a medical advisory about vulnerabilities found in the BD FACSLyric flow cytometry solution. ICS-CERT is a governmental organisation that works to reduce the risk … Read more

An investigation has been launched into a recent cyberattack that disrupted the printing of several major newspapers. The cyberattack on Tribune Publishing, attributed to a malware infection, caused disruption to several newspaper print runs including … Read more

Cancer Centers of America’s Western Regional Medical Center in Bullhead City, Arizona, has recently fallen victim to a phishing attack which has exposed the protected health information (PHI) of over 41,000 individuals. The attack occurred … Read more

A massive Marriott data breach has been detected which could affect as many as 500 million individuals who previously made bookings at Starwood Hotels and Resorts. While the data breach is not the largest ever … Read more

Beazley’s, a specialist insurance group, has released their quarterly Breach Insight Report for Q3 2018. The report concerned the attacks managed by Beazley Breach Response Services, which deals with the aftermath of an attack, including … Read more

Children’s Hospital of Philadelphia (CHOP) has announced that the email accounts of two employees have been compromised following cyberattacks on two August 23 and August 29, 2018. On August 24, CHOP, a paediatric healthcare facility … Read more

Reliable Respiratory, a respiratory care provider, has announced that it has fallen victim to a phishing attack. Reliable Respiratory, based in Norwood, MA, stated that IT staff discovered the breach when they detected suspicious activity … Read more