IT Security Incidents
Stay informed about real-world incidents that impact organizations and individuals. Get insights into data breaches, hacking attempts, and distributed denial-of-service (DDoS) attacks, along with expert analysis and recommended countermeasures.
Data Breaches at Medical Eye Services, PeakMed, Prospect Medical Services, and 4 More Healthcare Providers
Medical Eye Services Says PHI of 370,000 Patients Stolen in MOVEit Transfer Hack Medical Eye Services, Inc. based in California recently reported the theft of the protected health information (PHI) of 346,828 persons. The PHI … Read more
Cyberattacks on Westchester Medical Center Health Network, Fellowship Village, Meadville Medical Center, and BHI Energy Health Plan
Westchester Medical Center Health Network (WMCHealth) has encountered a cyberattack that impacted its IT systems. The health network discovered the attack last week. On October 20, 2023, at 10 p.m., all connected systems were shut … Read more
Community First Medical Center Data Breach, AlphV and CommonSpirit Health Ransomware Attack
Community First Medical Center based in Chicago, IL started telling 216,047 patients about a cyberattack that allowed an unauthorized entity to obtain access to its computer system on July 12, 2023. According to the September … Read more
Cyberattacks and Data Breaches Reported by Texas Medical Liability Trust, Bloom Health Centers and Other Healthcare Organizations
60,000 People Impacted by Texas Medical Liability Trust Data Breach The Texas Medical Liability Trust (TMLT) submitted a data breach report to the Maine Attorney General representing itself and its affiliate companies, Physicians Insurance Company, … Read more
Data Breaches Reported by Cummins Behavior Health, Redwood Coast Regional Center and Other Healthcare Entities
Data of 4 Million Coloradans Exposed in MOVEit Transfer Attack The Colorado Department of Health Care Policy and Financing (HCPF), which supervises the Medicaid program of the state and the Child Health Plan Plus (CHP+) … Read more
Cyberattacks at Precision Imaging Centers, Atrium Health Wake Forest Baptist, Marshall & Melhorn, and Murfreesboro Medical Clinic & SurgiCenter
Precision Imaging Centers located in Jacksonville, FL recently informed 31,010 patients with regards to a security breach that took place on or about November 2, 2022. Unauthorized persons acquired access to its system and extracted … Read more
How One Compromised VPN Account Brought Down Colonial Pipeline
The ransomware attack against Colonial Pipeline in May 2021 demonstrates how a single compromised VPN account can paralyze critical infrastructure and affect millions of Americans. This incident exposed fundamental security gaps in the energy sector … Read more
Latest News About Cyberattacks and Email Account Compromise on Healthcare Providers
Ohio Hospital Exposed Nurses and Other Staff to Workplace Violence The Occupational Safety and Health Administration (OSHA) has confirmed that a children’s hospital based in Columbus, Ohio didn’t sufficiently safeguard healthcare staff from violence in … Read more
The BianLian Ransomware Group and Vulnerabilities on Illumina Sequencing InstrumentsIllumina Sequencing Instruments
FBI and CISA Warn About BianLian Ransomware and Extortion Group The Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), and Cybersecurity and Infrastructure Security Agency (CISA) issued a joint cybersecurity advisory with regard … Read more
Recent Data Breaches Reported by Santa Clara Family Health Plan and Other Healthcare Organizations
Santa Clara Family Health Plan Encountered a Clop GoAnywhere Hack On March 30, 2023, Santa Clara Family Health Plan reported a 276,993-record data breach to the HHS’ Office for Civil Rights that was a result … Read more
Arizona Veterans’ Healthcare Facility Exposed Staff to Potentially Fatal Conditions and Other Data Breaches Reported
The investigation of an Arizona Department of Veteran Affairs (VA) healthcare facility showed that workers were put at risk because they were exposed to potentially fatal hazards on steam lines. Workers were permitted to do … Read more
Roundup of Recent Data Breaches and Cyber Attacks
mscripts Cloud Storage Misconfiguration Exposed PHI for 6 Years The mobile pharmacy company, mscripts, has just reported that its misconfigured cloud storage environment resulted in the exposure of client information on the internet for the … Read more
GoAnywhere MFT Hack Impacts Up to 1 Million Community Health Systems Patients and Growing Gootloader Attacks
Community Health Systems based in Franklin, TN recently reported being affected by a security incident that happened at cybersecurity firm, Fortra. Unauthorized people acquired access to the protected health information (PHI) of around 1 million … Read more
Round-up of Cyberattacks and Data Breaches Affecting Healthcare Organizations
Multiple Vulnerabilities Discovered in OpenEMR Health Record and Practice Management Software More than 100,000 healthcare providers across the globe use the open source electronic health record and medical practice management software called OpenEMR. They use … Read more
Retreat Behavioral Health, Maternal & Family Health Services, and L. Knife & Son Reported Data Breaches
Maternal & Family Health Services based in Eastern Pennsylvania lately informed a number of patients regarding a ransomware attack on April 4, 2022 that resulted in the exposure of sensitive patient data. As soon as … Read more
Around 254,000 Medicare Beneficiaries Impacted by CMS Subcontractor Ransomware Attack
On November 14, 2022, Health Care Management Solutions (HMS) located in Fairmont, WV announced a data breach to the HHS’ Office for Civil Rights that affected approximately 500,000 people. During that time, limited information regarding … Read more
119 Pediatric Practices Impacted by EHR Vendor Breach
Connexin Software Inc., an electronic medical records and practice management software provider to pediatric doctor practice groups has lately reported that it encountered a cyberattack wherein an unauthorized third party acquired access to its internal … Read more
2021 Data Breaches Reported by U.S. Vision Subsidiary and Florida Addiction Treatment Center
USV Optical, a branch of U.S. Vision, has lately reported the exposure of patient records at a number of entities inside its network. It detected suspicious activity inside its system on May 12, 2021. Forensic … Read more
Data Breach Affects At Least 13 Anesthesia Providers
A big data breach has happened at the management firm of several anesthesia services providers. Based on a media breach notice released by Anesthesia Associates of El Paso, one of the impacted providers, the data … Read more
Data Breaches at Choice Health, Tessie Cleveland Community Services Corp and Easterseals-Goodwill Northern Rocky Mountain
Humana lately reported the potential compromise of the protected health information (PHI) of 22,767 persons in a security incident at Choice Health. This business associate is Humana’s vendor of its Medicare products. On May 18, … Read more
Oakbend Medical Center Experiences Ransomware Attack
During the Labor Day weekend, Oakbend Medical Center based in Richmond, TX, encountered a ransomware attack, which began on September 1, 2022, resulting in the encryption of files in its network. The IT team of … Read more
2.65 Million Victims of OneTouchPoint Ransomware Attack
The number of persons impacted by the ransomware attack on OneTouchPoint, the mailing and printing vendor based in Hartland, WI, has now grown to 2,651,396 people. One of the most recent companies to confirm being … Read more
Independent Case Management & Conifer Health Solutions Report Cyberattacks
Independent Case Management (ICM) based in Little Rock, AR, a provider offering home and community-based assistance for persons with mental and developmental handicaps, recently informed 3,307 persons about the potential theft of some of their … Read more
Data Breaches Announced by Allegheny Health Network, St. Luke’s Health System, & Goldsboro Podiatry
St. Luke’s Health System based in Boise, ID, has just submitted a data breach report to the HHS’ Office for Civil Rights that affected 31,579 patients. The breach happened in May 2022 at Kaye-Smith, which … Read more
$500,000 Ransom Payment Seized by the Department of Justice
The U.S Department of Justice made an announcement that it seized approximately $500,000 in Bitcoin from North Korean threat actors that used the Maui ransomware to attack healthcare companies in the U.S.A. The Cybersecurity and … Read more
Fitzgibbon Hospital, Christiana Spine Center, and Diskriter Encounter Ransomware Attacks
On June 25, 2022, a representative of a threat group known as DAIXIN Team shared details with regards to a ransomware attack and information theft incident that occurred at Fitzgibbon Hospital located in Marshall, Missouri. … Read more
Former IT Consultant Facing Charges on Purposefully Causing Ruin to Healthcare Company’s Server
An IT specialist who worked as a service provider at a suburban healthcare organization in Chicago has been accused of illegally acquiring access to the firm’s network and deliberately causing ruin to a protected PC. … Read more
Theft Incident at SAC Health and Ransomware Attacks on Bryan County Ambulance Authority and Atlanta Perinatal Associates
Social Action Community Health System (SAC Health) has lately advised 149,940 patients regarding the theft of documents that contain their protected health information (PHI) in a break-in at an off-site storage place that keep patient … Read more
McKenzie Health System & Omnicell Report Cyberattacks
McKenzie Health System in Sandusky, MI, has just begun informing 25,318 individuals regarding the theft of some of their protected health information (PHI) due to a recent security incident that interrupted the operations of a … Read more
FBI Announcement on BEC Scams Reveals Losses Up to $43 Billion
The Federal Bureau of Investigation (FBI) has released a public service statement cautioning about the risk of Business Email Compromise/Email Account Compromise (BEC/EAC) frauds. The number of attacks documented by the FBI Internet Crime Complaint … Read more
Data Breaches Reported by La Casa de Salud and Valley View Hospital
La Casa de Salud, New York The human services organization Acacia Network based in New York City has lately informed the HHS’ Office for Civil Rights regarding an email account breach that was discovered on … Read more
South Denver Cardiology Associates Reports Data Breach Impacting 287,000 Individuals
South Denver Cardiology Associates (SDCA) has recently reported that it experienced a cyberattack in January 2022 that led to the access and possible theft of files that contain patient data by attackers. Strange network activity … Read more
DataHealth, JDC Healthcare Management, and Dr. Douglas C. Morrow Report Hacks and Ransomware Attacks
DataHealth DataHEALTH, the cloud hosting and data storage company based in Austin, TX, has announced a ransomware attack on November 3, 2021. Immediate action was undertaken to manage the incident and a third-party cybersecurity agency … Read more
Cyberattack Reported by Logan Health Medical Center and NHS Management
Logan Health Medical Center located in Kalispell, MT has recently commenced informing a number of patients that hackers obtained access to a file server that contained patient files in a highly sophisticated criminal attack. The … Read more
Latest Phishing Kits Used to Bypass Multi-Factor Authentication
Phishing attacks make it possible for threat actors to get credentials, but with multi-factor authentication (MFA), it is tougher for phishing attacks to become successful. With MFA activated, aside from a username and password, an … Read more
The University of Arkansas for Medical Sciences and Sacramento County Reported Email Breaches
The University of Arkansas for Medical Sciences and Sacramento County recently reported email-related breaches of protected health information (PHI). HIPAA Violation by an Employee of the University of Arkansas for Medical Sciences (UAMS) The University … Read more
Millennium Eye Care and Duneland School Corporation Cyberattack
Data of Millennium Eye Care Patients Stolen by Ransomware Gang A provider of ophthalmology services in Freehold, NJ, Millennium Eye Care, reported on December 22, 2021, that attackers lately obtained access to its computer system … Read more
Pharmacy Hospital and Dental Practice Report Hacking Cases Affecting Over 355,000 Individuals
An attacker acquired access to BioPlus Specialty Pharmacy Services, an IT network located in Altamonte Springs, FL. Files containing sensitive patient data were accessed by the attacker. The pharmacy discovered the attack on November 11, … Read more
PHI of 750,000 Oregon Anesthesiology Patients Restored After the Ransomware Attack
On July 11, 2021, the Oregon Anesthesiology Group learned that it suffered a ransomware attack that allowed the encrypting of files on its systems and obstructed the use of its servers and patient information. Subsequent … Read more
Email Account Breaches Impact PHI of 40,000 Individuals
Three healthcare providers have reported data breaches that affected the email accounts of employees. The occurrences potentially resulted in the exposure and likely theft of the protected health information (PHI) of around 40,000 people. Region … Read more
82% Of Healthcare Companies Have Suffered an IoT Cyberattack during the Last 18 Months
Medigate and CrowdStrike performed new research which presented the degree to which hackers are attacking healthcare Internet of Things (IoT) devices and alerts about the disturbing status of IoT security in the medical care sector. … Read more
Ransomware Attacks Reported by Victory Health Partners and Strategic Benefits Advisors
Victory Health Partners Alerts Patients Concerning September 2021 Ransomware Attack Victory Health Partners based in Mobile, AL has informed patients concerning a ransomware attack it detected on September 23, 2021. Before the attackers encrypted the … Read more
University Hospital Newark Alerts 9,000 People About Historic Insider Data Breach
University Hospital Newark (NY) has found out that a former worker had accessed the protected health information(PHI) of thousands of patients without authorization over the duration of a year. That information was later disclosed to … Read more
19,000 People Impacted by Ransomware Attack on Directions for Living
The non-profit behavioral health service provider Directions for Living based in Clearwater, FL experienced a ransomware attack last July 17, 2021. When Directions for Living found out about the attack, it let law enforcement and … Read more
Alaska DHSS Claims May 2021 Cyberattack Has Potential Effect on All Alaskans
The Alaska Department of Health and Social Services (DHSS) will commence sending notification letters to all people in the state informing them about the possible exposure of their personal and health data due to a … Read more
Unauthorized Individuals Accessed CareATC Email Accounts
Population health management firm CareATC based in Tulsa, OK, has learned that unauthorized people have accessed the email accounts of two workers and possibly acquired access to the personal data of patients and workers. CareATC … Read more
SonicWall Threat Report Indicates Substantial Growth in Ransomware Attacks
SonicWall publicized a Cyber Threat Report update last July, which affirmed a significant rise in cyberattacks beginning 2020. From January to June of 2021, cryptojacking attacks went up by 23%, encrypted threats went up by … Read more
UNM Health Data Breach Impacts Over 637,000 Individuals
UNM Health found out that an unauthorized third party acquired access to its system and possibly viewed and copied files from that included patients’ protected health information (PHI). The healthcare provider discovered the security incident … Read more
Phishing Attacks at Academic HealthPlans and Wayne County Hospital
Academic HealthPlans, Inc. (AHP) learned that an unauthorized person has obtained access to the email accounts of two workers after they responded to phishing emails. AHP was informed of a potential breach upon detecting suspicious … Read more
Impact of Elekta Ransomware Attack on Advocate Aurora Health, Jefferson Health, and Intermountain Healthcare Confirmed
Three more healthcare providers reported that they were affected by the latest ransomware attack on Elekta Inc, the Swedish radiation therapy and radiosurgery provider. Elekta offers a web-based mobile software referred to as SmartClinic, which … Read more












