IT Security Incidents
Stay informed about real-world incidents that impact organizations and individuals. Get insights into data breaches, hacking attempts, and distributed denial-of-service (DDoS) attacks, along with expert analysis and recommended countermeasures.
Wise Health Phishing Attack Affects 36,000 Patients
Wise Health System is sending breach notification letters to 36,000 patients following a phishing attack on their system. Wise Health System is a health care system with over 1,900 employees based in Decatur, Texas. The … Read more
Dominion Health Data Breach Affects 3 Million Members
Dominion National is notifying patients of a data security incident that first stated in 2010 and has affected nearly 3 million members. Dominion National is a health insurer, health plan administrator, and administrator of dental … Read more
Microsoft June 2019 Patch Tuesday
Microsoft has issued patches for 88 vulnerabilities this patch Tuesday. Of the vulnerabilities, 20 were rated critical. One servicing stack and 4 advisories were also released in the update. Microsoft stated that there was no … Read more
Microsoft May 2019 Patch Tuesday
Microsoft has issued patches for 79 vulnerabilities this May 2019 Patch Tuesday. Of the vulnerabilities, 22 were rated critical. Adobe also issued patches for 84 vulnerabilities, 50 of which were critical. One critical flaw addressed … Read more
Southern Hills Eye Care Ransomware Attack Reported
Southern Hills Eye Care in Sioux City, Iowa, has announced that a recent ransomware attack on their facility may have compromised patient PHI. Ransomware is a variant of malware that prevents which hackers use to … Read more
DePaul Reports Phishing Compromised Employee Email Account
The assisted living facility provider DePaul has announced that a successful phishing attack on its networks has compromised patient data. DePaul, which operates facilities in New York, North Carolina, and South Carolina, discovered the breach … Read more
Data Breach at Rush University Medical Center Affects 45,000 Patients
Rush University Medical Center has announced that a data breach incident at a financial services vendor has compromised the PHI of 45,000 of their patients. The financial services vendor informed Rush of the incident on … Read more
Unauthorised Individual Gains Access to St. Francis Health System Patient Data
The Bon Secours St. Francis Health System has announced that unauthorised individual gained access to some of their patients’ protected health information (PHI). The hacker compromised the systems of Milestone Family Medicine, a medical facility … Read more
ICS-CERT Issues Medical Advisory for Vulnerabilities Found in BD FACSLyric Flow Cytometry Solution
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a medical advisory about vulnerabilities found in the BD FACSLyric flow cytometry solution. ICS-CERT is a governmental organisation that works to reduce the risk … Read more
Cyberattack Disrupts Printing of Major Newspapers
An investigation has been launched into a recent cyberattack that disrupted the printing of several major newspapers. The cyberattack on Tribune Publishing, attributed to a malware infection, caused disruption to several newspaper print runs including … Read more
Cancer Centers of America Falls Victim to Phishing Attack
Cancer Centers of America’s Western Regional Medical Center in Bullhead City, Arizona, has recently fallen victim to a phishing attack which has exposed the protected health information (PHI) of over 41,000 individuals. The attack occurred … Read more
Massive Marriott Data Breach Discovered: 500 Million Guests Affected
A massive Marriott data breach has been detected which could affect as many as 500 million individuals who previously made bookings at Starwood Hotels and Resorts. While the data breach is not the largest ever … Read more
Beazley’s Publishes Breach Insights Report for Q3 2018
Beazley’s, a specialist insurance group, has released their quarterly Breach Insight Report for Q3 2018. The report concerned the attacks managed by Beazley Breach Response Services, which deals with the aftermath of an attack, including … Read more
Twin Phishing Attacks on Children’s Hospital of Philadelphia’s Results in Data Breach
Children’s Hospital of Philadelphia (CHOP) has announced that the email accounts of two employees have been compromised following cyberattacks on two August 23 and August 29, 2018. On August 24, CHOP, a paediatric healthcare facility … Read more
Reliable Respiratory Falls Victim to Phishing Attack
Reliable Respiratory, a respiratory care provider, has announced that it has fallen victim to a phishing attack. Reliable Respiratory, based in Norwood, MA, stated that IT staff discovered the breach when they detected suspicious activity … Read more
Medical Data from Closed Pennsylvania Obs/Gyn Clinic Found at Allentown Public Recycling Center
Private Medical Data has been found at a recycling center in Allentown, Pennsylvania. Paper files containing names, Social Security numbers, and medical histories, including details of cancer diagnoses and sexually transmitted diseases were located that the … Read more
12,172 Individuals Impacted by ShopRite Data Breach
Pharmacy customers of ShopRite Supermarkets, Inc. have been impacted by a security violation caused by the improper disposal of a device used to record the signatures of customers. The device was used at the ShopRite, … Read more
UAB Medicine Encounters PHI Breach Due to Missing Laptops
The UAB Medicine Viral Hepatitis Clinic located in Birmingham, AL has encountered a violation of patients’ protected health information (PHI). UAB Medicine employs the use of flash drives to shift data from its Fibroscan machine … Read more
Extortion Attack on Private Information of Sports Medicine Clients
7,000 patients of Sports Medicine & Rehabilitation Therapy (SMART) have been alerted of a possible breach of the private personal information. It is believed the breach, which involved an extortion attempt, may have impacted anyone … Read more
PHI of 932 Texas Children’s Health Plan Members’ in Email Breach
An email to the personal email account of a former employee of the Texas Children’s Health Plan has been discovered to have exposed the protected health information (PHI) of 932 members. The incident was identified … Read more
Danger of Using USB Drives to Store PHI Highlighted of Data Breach
Two USB drives holding the protected health information of almost 2,000 veterans at the Man-Grandstaff VA Medical Center in Spokane, WA have been discovered to be stolen. The two devices were storing data from a … Read more
1300 People Impacted by RiverMend Health Breach
An unauthorized person has been found to have obtained access to the email credentials of one the employees at RiverMend Health, a provider of specialty behavioral health services including services for drug and alcohol addiction. … Read more
Attackers Decrypting WiFi Traffic Thanks to KRACK WiFi Security Weakness
A WiFi security flaw in WPA2 called KRACK has been discovered in an investigation at the University of Leuven in Belgium. The KRACK WiFi security weakness affects all modern WiFi networks and could be used for … Read more
PHI Exposure May Have Happened Following Theft of Unencrypted Laptop
Exposure of patients’ protected health information may have occurred after an unencrypted laptop computer was stolen from a car belonging to an employee of Bassett Family Practice in Virginia. The theft of the laptop is … Read more
PHI of 10,500 Patients Found Exposed in Basement Owned by Psychiatrist
The medical details of over 10,000 patients of an Illinois-based psychiatrist – Dr. Riaz Baber, M.D. – have been found in the accessible basement of an Aurora property by the woman who was renting the … Read more
51,000 Plan Members Affect by Network Health Phishing Attack
Network Health, a Wisconsin-based insurer, has contact 51,232 of its plan members to advise them that some of their protected health information (PHI) hmay have been obtained by unauthorized persons. Last August, a number of Network … Read more
Cybercriminals with Nation-State Support Responsible for Yahoo Attack
InfoArmor has claimed that data from the Yahoo breach of over one billion user accounts has already been purchased on the black market by multiple third parties on numerous occasions. Although Yahoo argues that a … Read more
Global Reports of WannaCry Ransomware Attacks
There has been a huge increase in WannaCry ransomware attacks around the globe, including a new campaign being launched on Friday the 13th of May 2017. Unlike previous WannaCry ransomware attacks, the present campaign takes … Read more
US-Certs: SSL Inspection Tools Might Make Cybersecurity Weaker
A recent warning issued by US-CERT has advised that SSL inspection tools may actually do the opposite of what they are intended for; i.e. they might serve to weaken the cyber defenses of healthcare organizations’ … Read more
Wi-Fi Routers Infected by Switcher Trojan through Android Mobiles
Kaspersky Lab has identified a highly dangerous new Trojan which has been used to attack Wi-Fi routers through Android devices. The new form of malware, which has been dubbed the Switcher Trojan, is presently being … Read more
Erie County Medical Center Patients Put at Risk by Apparent Ransomware Attack
Ashland Women’s Health confirmed in April 2017 that it had been the victim of a significant ransomware attack.19,272 Ashland patients were affected. This followed confirmation the previous week that ABCD pediatrics ransomware attack had put … Read more
San Francisco Transport System Ransomware Attack Reported
A ransomware attack on the San Francisco Transport System in November 2016 resulted in the encryption of computers used by the city’s light rail system. The criminals responsible for the attack demanded ransom of 100 … Read more
Yahoo Breach Investigated By U.S. Securities and Exchange Commission
It has been confirmed that the U.S. Securities and Exchange Commission (SEC) are to investigate Yahoo concerning two enormous data breaches that were made public in late 2016. The controls put in place by Yahoo … Read more
Samba possibly vulnerable to ‘WannaCry’-type attacks
It has been revealed that Samba might possibly be vulnerable to network worm attacks similar to those which were utilized to deliver WannaCry ransomware on the 12th of May 2017. Unix, Linux and numerous NAS … Read more
Industrial Sector targetted by Ransomware Attackers using KillDisk Variant
In late 2016, a new ransomware variant emerged which is now being used in attacks on industrial companies. Unlike other ransomware variants, the new malware does not permanently lock users’ files. Victims have been threatened … Read more
ABCD Pediatrics Hit By Ransomware Attack Affecting 55,000 Patients
The private health information relating to more than 55,000 patients may have been compromised in during a ransomware attack against ABCD Pediatrics on the 6th of February 2017. Attackers managed to access ABCD Pediatrics’ servers … Read more
New Powershell Remote Access Trojan Identified
Researchers at Cisco Talos have recently identified a new Powershell remote access Trojan. The memory-resident malware is almost impossible to detect because it doesn’t write files to the computer’s hard drive and uses a new … Read more
Ransomware Attacks Targetting Businesses Now Using PetrWrap
A new group of criminals have taken control of Petya ransomware and are using it in ransomware attacks against businesses without the participation or knowledge of those who created the ransomware. Those responsible for the … Read more
Warning Issued by OCR to Providers of Healthcare Regarding Use of HTTPS Inspection Tools
Numerous healthcare organization employ HTTPS inspection tools in order to monitor HTTPS connections for any malware which may be present. HTTPS inspection tools are used to decrypt secure HTTPS network traffic and verify content prior … Read more
Thousands of Sites at Risk from Newly Identified Zero Day WordPress Vulnerability
A Sucuri researcher has recently discovered a new zero day WordPress vulnerability in the WordPress REST API. The vulnerability permits content injection and the escalation of user privileges. Should it be exploited, an unauthenticated user … Read more
Vulnerability in Netgear Router leads to US-CERT Alert to Replace Devices
A Netgear router vulnerability which remained unpatched for approximately 3 months was recently made public, a disclosure which placers users at risk of their devices being exploited by hackers. The threat is so large that … Read more
Madison County Invests $220K in Cybersecurity Following Ransomware Attack
The payment of a $21,000 ransom to attackers following the Madison County ransomware attack that disabled a large number of the county’s computer systems in November 2016 was necessitated as a viable backup of the data concerned … Read more
2017’s Biggest Healthcare W-2 Phishing Scam Impacted 17,000 Employees
The biggest healthcare W-2 phishing scam 2017 thus far has been reported by American Senior Communities of Indiana. Although a number of organizations have already reported being tricked by phishing emails this tax season, this … Read more
Rise in Joomla Website Attacks due to Hackers Reverse Engineering Patches
A pair of recently recognised critical vulnerabilities to the Joomla content management system are presently being utilised by hackers in a series of attacks on Joomla websites. Although the two vulnerabilities were not thought to … Read more
Google Acts Against Repeat Malware Offending Sites
Google has promised that it will take action against websites that are used repeatedly to serve malware, unwanted software, or are used to ‘phishing’ attacks. As soon as a website has been confirmed as a … Read more
Malicious Ransomware App Removed from Play Store by Google
An app that was available to members of the public for download from the Google Play store has been discovered to have contained ransomware. In recent days, Google acted to remove the ransomware app from … Read more
FBI Informs Healthcare Providers of Risks Associated with Anonymous FTP Server Use
According to a recent warning issued by the FBI, Healthcare organizations may be placing the protected health information of their patients in jeopardy by using anonymous FTP servers. Cybercriminals are profiting from the lack of … Read more
Disk-Wiping Malware Being Utilised to Format Virtual Desktops
Although disk-wiping malware has existed for several years, a new version of an older malware variant has now been detected. This malware is reportedly being used to attack companies which have implemented a virtual desktop … Read more
Cybercriminals Telephoning Customer Service Representatives to ask them to Open Malware Infected Attachments
The risk of malware and ransomware infections can be reduced by training staff to avoid opening file attachments received from unfamiliar email accounts. Despite this being common practice, a well known cybercriminal group has recently … Read more
Enterprise Firewalls Being Taken Down by Attackers Using ICMP Ping Floods
Researchers from the Danish telecom firm TDC have claimed that attackers have been using ICMP ping floods to carry out Denial of Service (DoS) attacks capable of removing enterprise firewalls. As opposed to standard DDoS … Read more