PHI of 57,000 TriValley Primary Care Patients Potentially Compromised in Cyberattack

TriValley Primary Care based in Perkasie, PA has started sending notifications to 57,596 patients regarding the potential compromise of some of their personal data and protected health information (PHI). Suspicious activity was noticed in its IT system on October 11, 2021. The healthcare provider took steps promptly to secure its systems and stop further unauthorized access. Third-party forensic specialists helped in investigating the incident to ascertain the nature and impact of the cyberattack. The investigation into the breach ended on November 4 and although no evidence of actual or attempted patient data misuse, unauthorized access and potential theft of PHI…

Iranian APT Actors Exploit Microsoft Exchange and Fortinet Vulnerabilities

The Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Cybersecurity and Infrastructure Security Agency (CISA), and the United Kingdom’s National Cyber Security Centre (NCSC) have issued a joint cybersecurity alert to warn about the continuing attacks on critical infrastructure industries such as the medical care and public health industry by an Iranian Advanced Persistent Threat (APT) actor. Cyber actors well-known for being connected with the Iranian government are taking advantage of vulnerabilities identified in the Fortinet FortiOS operating system beginning March 2021, and are using a Microsoft Exchange ProxyShell vulnerability to obtain access to targets’ systems beginning October…

Maxim Healthcare Group Informs 65,000 People Regarding October 2020 Email Breach

Maxim Healthcare Group based in Columbia, MD has begun informing 65,267 people concerning a historic breach of its email system and the compromise of their protected health information (PHI). Maxim Healthcare Group, which consists of Maxim Healthcare Staffing and Maxim Healthcare Services, stated it detected suspicious activity in its email system approximately December 4, 2020. It took steps to stop further unauthorized access and started an investigation to find out the nature and extent of the breach. The investigation showed that unauthorized people got access to a number of employee email accounts from October 1, 2020, to December 4, 2020….

Ransomware Groups Exploit Company Financial Events For Extortion

Ransomware groups frequently utilize double extortion techniques to compel victims to give ransom payments. Besides file encryption, they steal sensitive information and issue a threat to sell or post the stolen information when no ransom is paid. The Federal Bureau of Investigation (FBI) has recently released a private industry advisory regarding a new extortion strategy, where ransomware groups attack businesses and organizations that are engaged in important time-sensitive financial activities, steal sensitive financial information, then threaten to expose that data when payment isn’t made. Ransomware groups perform substantial research on their victims prior to starting an attack, including collecting publicly…

PHI Compromised in Tech Etch Ransomware Attack and UNC Hospitals Insider Breach

Tech Etch based in Plymouth, MA manufactures adaptable printed circuits, precision-engineered thin metal parts, and EMI/RFI shielding. It has reported a ransomware attack that resulted in the potential compromise of the personal data and protected health information (PHI) of current and former employees. Organizations such as Tech Etch would not typically be expected to adhere to HIPAA; nonetheless, the firm provides a health plan for its workers and, therefore, is categorized as a HIPAA-covered entity. Tech Etch identified the ransomware attack on August 25, 2021. The investigators determined that the attackers acquired access to its network last August 20. Tech…

UPMC Hacker Sentenced With 7-Year in Prison

The hacker responsible for getting access to the University of Pittsburgh Medical Center (UPMC) databases and stole the W-2 details and personally identifiable information (PII) of roughly 65,000 UPMC workers has been given the maximum sentence for the offenses and will be in jail for 7 years. Sean Johnson, a resident of Detroit, Michigan, also known as TheDearthStar and Dearthy Star – hacked into the UPMC databases in 2013 and 2014 and took highly sensitive data. Then he sold the stolen data on dark web hacking forums. Identity thieves used the information to file fake tax returns in the names…

Premier Patient Health Care and Oregon Eye Specialists Submits Data Breach Report

Premier Patient Health Care located in Carrollton, TX has learned that an unauthorized individual had acquired the protected health information (PHI) of 37,636 patients during an insider data breach. Premier Patient Health Care is an Accountable Care Organization (ACO) that collaborates with medical professionals to make improvements to clinical results covered by the Medicare Shared Savings Program (MSSP). The ACO and Premier Patient Health Care are run by Premier Management Company, a business associate to numerous primary care doctors who are covered entities by HIPAA. On April 30, 2020, Wiseman Innovations, a technology merchant utilized by Premier Management Company, confirmed…

Medtronic MiniMed Remote Controllers Recalled Due to Major Cybersecurity Issue

The Food and Drug Administration (FDA) has given a notification to end-users of Medtronic wireless insulin pumps concerning a critical security vulnerability impacting a number of remote controllers. MiniMed insulin pumps are employed to deliver insulin to help control diabetes. The pumps come with an optional remote controller device for connecting wirelessly with the insulin pump. A security analyst found a cybersecurity issue in older versions of remote controllers that employ previous-generation technology that can likely be used to cause harm to consumers of the pumps. An unauthorized individual could use the cybersecurity vulnerability to report and playback the wireless…

Healthcare Employees in Minnesota Took Legal Action Against Employers to Stop Vaccine Mandate

A lawsuit was filed in the U.S. District Court in Minnesota by 180 healthcare employees concerning the COVID-19 vaccine mandates of their company owners. The plaintiffs, who were anonymous in the lawsuit, assert vaccine mandates violate religious freedom and state and federal legislation. The legal case is one of the cases that challenge the legitimacy of this kind of mandate. Vaccines continue to be the most efficient way to avoid the passing on of COVID-19, keep persons from becoming very ill, and lessen the number of people who need to be hospitalized due to the illness. The vaccines are risk-free…

Healthcare Providers Face Legal and Technological Issues Getting CCPA Compliance

Healthcare companies that need to comply with the California Consumer Privacy Act (CCPA) are having difficulties getting compliance, as per a new study shared in the Health Policy and Technology – DOI: 10.1016/j.hlpt.2021.100543 The CCPA was made into law on June 28, 2018 and enforced on January 1, 2020. The purpose of the CCPA was to offer California locals more control over their personal records and how their usage. The CCPA provided the residents of California the right to get information with regards to their personal information that will be collected, whether their records may be sold or exposed, to…

St. Joseph’s/Candler Faces Class Action Lawsuit over Ransomware Attack Impacting 1.4 Million Individuals

St. Joseph’s/Candler Hospital Health System is facing a class-action lawsuit because of a ransomware attack that took place on June 17, 2021. Because of the attack, files were encrypted, which forced the hospital to take its IT systems off the internet. The hackers accessed the systems containing the protected health information (PHI) of 1.4 million individuals, such as names, driver license numbers, Social Security numbers, medical insurance data, healthcare information, and financial details. St. Joseph’s/Candler provided impacted patients with an Experian IdentityWorks credit monitoring and identity theft protection service membership for one year. The ransomware attack investigation results confirmed that…

CISA Revises List of Cybersecurity Bad Practices to Remove

The Cybersecurity and Infrastructure Security Agency (CISA) has modified its checklist of cybersecurity bad practices that need to be eliminated. Cyber threat actors usually perform highly sophisticated attacks to obtain access to internal sites and sensitive records, yet in many cases, sophisticated strategies, techniques, and procedures aren’t necessary. The Bad Practices Catalog was made in July 2021 to improve knowledge of a number of the most egregious problems in cybersecurity that allow attackers to do the job. There have been numerous listings posted on cybersecurity best practices to adhere to, and although it is important that those practices are put…

Looking Back at the 25th Anniversary of HIPAA

On August 21, 1996, that is 25 years ago, President Clinton signed the Health Insurance Portability and Accountability Act (HIPAA) into law. Not many people then would have thought that the HIPAA would develop into the all-inclusive national health privacy legislation that it is nowadays. It is hard to dispute that the HIPAA isn’t a total success, however, the legislation has drawn a reasonable number of criticism through the years, particularly at first because of the substantial administrative burden it put on healthcare companies. Overall, the enhancements to medical care that have resulted from HIPAA compliance more than offset the…

Cyberattack Forces Memorial Health System to Move Patients to Alternative Hospitals

Memorial Health System located in Marietta, OH was pressured to redirect emergency care because of an alleged ransomware attack. When the cyberattack happened, the health network was compelled to de-activate IT systems to restrict the attack. Emergency practices were executed as a result of the insufficiency of access to critical IT systems, and the staff members are utilizing paper records. Memorial Health System manages three hospitals in West Virginia And Ohio, all of them were impacted by the cyberattack. Considering that electronic health records cannot be accessed, patient safety was likely put at stake, and so the option was taken…

PHI Exposed Due To Email Account Breaches At A2z Diagnostics And Vision For Hope

A2Z Diagnostics, a specialist diagnostic screening laboratory in New Jersey, started informing patients about the inclusion of some of their protected health information (PHI) in employee email accounts that were accessed by unauthorized individuals. Upon knowing about the breach, A2Z quickly protected the email accounts and third-party cybersecurity experts investigated the breach to ascertain if any emails or attachments were viewed or obtained during the attack. A2Z Diagnostics discovered on June 28, 2021 that the breach of accounts took place from February 2, 2021 to April 2, 2021. Some of the accounts comprised the personal information and PHI of persons…

Email Account Breaches Reported by Wisconsin Institute of Urology and Prestera Center

Prestera Mental Health Center located in West Virginia began informing 2,152 individuals regarding a security breach affecting employee email accounts. On or approximately April 1, 2021, Prestera Center discovered that selected worker email accounts were accessed without authorization between August 2020 and September 2020. Although the unauthorized access was confirmed, the center wasn’t possible to determine whether any patient data had been viewed or copied. A review was done to know the types of information that were included in the email accounts and which people were affected. The types of information in the account differed from person to person and…

UPMC Pays $2.65 Million to Settle Employee Data Breach Lawsuit

UPMC has suggested a $2.65 million settlement to close a data breach case filed by workers affected by a data breach in February 2014. UPMC based in Pittsburg, PA submitted a report about the data breach in February 2021 and initially thought the attackers had just taken the tax-data of several hundred of its staff; but, in April 2014, UPMC stated that the breach was much more extensive and impacted 27,000 of its 66,000 workers. In May 2014, UPMC reported that the personal data of all of its workers had probably been breached. The information impacted in the attack included…

CISA’s New Catalog of Cybersecurity Bad Practices to Aid Healthcare Providers

The DHS’ Cybersecurity and Infrastructure Security Agency (CISA) has published a new resource that discusses bad practices in cybersecurity, which are particularly damaging and significantly increase the risk to critical infrastructure. A lot of resources had been published regarding cybersecurity best practices, which if implemented can strengthen security. Even so, CISA thinks another point of view was needed as it is in the same way, if not more, vital to ensure the removal of bad cybersecurity practices. CISA mentioned that stopping the most egregious risks demands that companies should make a decisive effort to stop bad practices. CISA is advocating…

45,000 Patients Potentially Affected by Cyberattack on Florida Heart Associates

Florida Heart Associates is informing 45,148 patients regarding one recent security breach that resulted in the compromise of their personal data and protected health information (PHI). The security breach was discovered some time in May 19, 2021, because of strange activity seen within selected networked computers. Florida Heart Associates immediately took steps to manage the breach and protect personal data and launched an investigation to find out the nature and extent of the breach. Florida Heart Associates confirmed the breach of its computer system from May 9 to May 19, 2021. Security systems were put in place before the breach…

Philips Vue PACS Products Affected by Multiple Critical Vulnerabilities

Several vulnerabilities were found in Philips Vue PACS items, 5 were critical vulnerabilities having a 9.8 severity score and 4 were high severity vulnerabilities. Attackers can exploit a few of the vulnerabilities remotely with a low attack complexity. An attacker that successfully exploits the vulnerability would be able to acquire system access, snoop, view and change information, execute arbitrary code, set up unauthorized software programs, or compromise system integrity and acquire access to sensitive information, or adversely impact the availability of the system. Philips reported the vulnerabilities lately to CISA as well as the impacted list of Philips Vue PACS…

NIST Releases Critical Software Definition for U.S. Federal Agencies

President Biden’s Cybersecurity Executive Order demands all federal bureaus to re-examine their strategy to cybersecurity, create new options of assessing software, and carry out modern security methods to minimize risk, for example, multi-factor authentication, encryption for data at rest and in transit, and using a zero-trust approach to security. One of the very first specifications of the Executive Order was for the National Institute of Standards and Technology (NIST) to issue a definition of critical software, which the Cybersecurity and Infrastructure Security Agency (CISA) will utilize to produce a listing of all software covered by the Executive Order and for…

Prominence Health Plan and Ohio Medicaid Data Breach

The Nevada health insurance provider Prominence Health Plan has reported it experienced a security breach on November 30, 2020 resulting in the potential acquisition of the protected health information (PHI) of some plan members by hackers. Prominence Health Plan discovered the data breach on April 22, 2021 and took immediate action to avoid continuing unauthorized access, which includes altering the credentials utilized by the attacker to obtain network access. Although Prominence Health Plan hasn’t established whether or not this was a ransomware attack, all impacted plan member information has been recovered from backup copies. The breach affected the audio recordings…

Avaddon Ransomware Group Closes Down Its Operations and Issues Decryption Keys

On June 11, the Avaddon ransomware-as-a-service operation was deactivated and the threat group gave the decryption keys for all its victims. Bleeping Computer received a message with a security password and a URL to a password secured ZIP file that included the individual keys for 2,934 Avaddon ransomware attack victims. The keys were affirmed as legit by Emsisoft and Coveware, with the former right now having revealed a free decryptor that could be employed by all Avaddon ransomware victims to decrypt their data files. Avaddon is a rather new ransomware-as-a-service operation that initiated in March 2020. The threat group responsible…

Settlement to Deal With Nebraska Medicine Data Breach Lawsuit Gets Initial Approval

In September 2020, The University Of Nebraska Medical Center And Nebraska Medicine learned that their systems were attacked and infected with malware giving the hackers access to the protected health information (PHI) of around 219,000 persons. The attack pushed Nebraska Medicine to turn off its systems interrupting operations. The attackers primarily obtained access to Nebraska Medicine’s networks on Aug 27, 2020 and for 24 days viewed its systems and patient data. Nebraska Medicine blocked access on Sept. 20, 2020. During that time frame, the lawsuit alleged the hackers exfiltrated patient information. The breach affected patients of Nebraska Medicine, Great Plains…

FBI Warning Regarding Persistent Exploitation of Fortinet Vulnerabilities by APT Groups

The Federal Bureau of Investigation (FBI) has released a Flash Advisory cautioning Fortinet Fortigate appliances users that Advanced Persistent Threat (APT) groups are going to exploit devices that lack patching for three CVEs: CVE-2020-12812, CVE-2019-5591, and CVE-2018-13379. These aren’t zero-day vulnerabilities, because patches are already accessible for a time. Numerous businesses are actually slow to employ the patches and are right now being targeted. In early April, the FBI, together with the DHS’ Cybersecurity and Infrastructure Security Agency (CISA) published a Joint Cybersecurity Advisory telling that threat actors can exploit the vulnerabilities to execute data exfiltration, data encryption, and to…

Data Exposed at ZocDoc and Cincinnati Parenting Center Breaches

ZocDoc in New York, which offers a platform that enables would-be patients to reserve consultations with physicians and dentists, has uncovered a problem in its software program that made it possible for patient records to be viewed by health care and dental practices when viewing ought to have been limited. The investigation showed programming flaws had taken place from August 2020 right until the issues were identified and fixed, a number of past and present practice workers got access to the provider site, even though their accounts must have been either terminated, erased, or been restricted. On all occasions, the…

CISA Gives Guidance on Evicting Adversaries from Networks Following the SolarWinds Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance on ousting threat actors from systems breached in the SolarWinds Orion supply chain attacks and, even succeeding breaches of Active Directory and M365 environments. The attacks were credited to threat actors linked with the Russian Foreign Intelligence Service (SVR). After acquiring network access by means of the update system of SolarWinds Orion, the threat actor picked its targets of interest for additional exposure and ignored multi-factor authentication strategies and moved laterally into Microsoft 365 environments by compromising federated identity solutions. The majority of the targets chosen for more compromise include…

Information of 200,000 Military Veterans Compromised On the Internet

A database made up of the personal data and protected health information (PHI) of more or less 200,000 U.S. military veterans was determined to be available on the web by security specialist Jeremiah Fowler. The database was found on April 18, 2021 and an evaluation pointed out references to a business entity named United Valor Solutions located in Jacksonville, NC. United Valor Solutions is a service provider of the Department of Veterans Affairs (VA) that delivers disability review services for the VA and many other government bureaus. The database – that included veterans’ names, contact details, birth dates, medical data,…

Californian Healthcare Service Provider Discovers Exposure of Patient Information Online for Over a Year

Doctors Medical Center of Modesto (DCM) based in California learned that a company used by a previous vendor accidentally exposed patient data online. DCM had employed the SaaS platform firm Medifies for its virtual waiting room services. DCM found out on April 2, 2021 that some of its patients’ data were accessible on the internet. Upon DCM’s inquiry of Medifies concerning the exposed data, the problem was sorted out on the same day and the data was secured. The inquiry into the data breach revealed the occurrence of an error during the conduct of a software system update that is…

Wyoming Department of Health Makes Announcement of GitHub Data Breach Impacting 164,000 Persons

The Wyoming Department of Health (WDH) has found out that the protected health information (PHI) of 164,021 persons was accidentally compromised on the web as a result of a blunder made by a member of its labor force. On March 10, 2021, WDH learned that a staff member had published documents with medical test information to public and private databases on the software development platform GitHub. Although security controls are set up to take care of users’ privacy, a mistake by the staff meant the information could likely have been viewed by people unauthorized to see the data since January…

Threat Group Actively Exploiting Pulse Connect Secure Vulnerabilities and Also New Zero-Day Vulnerability

The latest advisory from the DHS’ Cybersecurity and Infrastructure Security Agency (CISA) reported that one or more threat group is exploiting vulnerabilities identified in Ivanti’s Pulse Connect Secure devices. Though there is no formal attribution, certain security researchers had associated the threat actor with China. Targets of attacks are government, security, finance, and critical infrastructure institutions. FireEye has been keeping track of the malicious activity and claims that no less than 12 malware families were used in cyberattacks taking advantage of the vulnerabilities starting August 2020. These attacks included the collection of credentials to permit lateral movement in victim systems…

NAME:WRECK DNS Vulnerabilities Impact 100 Million+ Devices

Forescout and JSOF researchers have found 9 vulnerabilities in internet-linked devices which can be taken advantage of in remote code execution and denial-of-service attacks. The vulnerabilities were seen in specific usage of the Domain Name System (DNS) protocol in TCP/IP network communication stacks. The vulnerabilities are typically a result of how parsing of domain names happens, which could go against DNS implementations, and issues with DNS compression, that devices employ to compress information to converse online utilizing TCP/IP. This type of vulnerabilities was given the name NAME:WRECK. They impact common IoT and operational technology systems, such as IPnet, FreeBSD, NetX…

Third-Party Data Breaches Announced by Apple Valley Clinic & BioTel Heart

A ransomware attack on one of the IT vendors of Apple Valley Clinic in Minnesota resulted in the potential compromise of the protected health information of 157,939 of its patients. Apple Valley Clinic, which is with Allina Health, utilized Netgain Technology LLC for hosting its IT network and computer networks. In November 2020, Netgain encountered a ransomware attack that led to the taking down of its data off the web. Netgain informed Apple Valley Clinic on December 2, 2020 concerning the exposure of patient information during the ransomware attack. Allina Health acquired affirmation on January 29, 2021 regarding the impact…

New Report Exposes COVID-19 Themed Phishing Strategies

At the start of 2020, phishers began exploiting the pandemic and deviated from their normal lures to an array of pandemic-correlated themes for their phishing activities. One year after the pandemic began, the Palo Alto Networks Unit 42 Team researchers reviewed the phishing trends over the past year to see the variations in the tactics, techniques, and procedures (TTPs) of phishers and the level to which COVID-19 was utilized in their phishing activities. The researchers reviewed all phishing links discovered from January 2020 and February 2021 to find out the number that had a COVID-19 motif, utilizing certain keywords and…

More Health Insurance Providers Reported Being Affected by Accellion Ransomware Attack and Multiple Lawsuits Filed

The number of healthcare providers to claim they were affected by the Accellion ransomware attack is growing, with two of the newest victims such as Trillium Community Health Plan and Arizona Complete Health. In the later part of December, unauthorized persons took advantage of zero-day vulnerabilities in Accellion’s obsolete File Transfer Appliance platform and stole files of its clients prior to implementing CLOP ransomware. Trillium Community Health Plan lately informed 50,000 of its members that protected health information (PHI) including names, birth dates, addresses, medical insurance ID numbers, and diagnosis and treatment information was acquired by the folks associated with…

Hackers Accessed 150,000 Verkada Security Cameras Including Live Feeds and Stored Video Footage

A hacking collective has acquired access to the systems of Verkada Inc., a Californian security camera startup, and viewed the live feeds and archived video footage from surveillance cameras connected to the cloud, which are utilized by big corporations, hospitals, police departments, schools, and jails. As originally reported by Bloomberg, a white hat hacking group called Advanced Persistent Threat 69420 accessed Verkada’s systems by using credentials they got online. The credentials allowed the group to have super admin-level privileges, so it has root access to the surveillance cameras and, in certain instances, the internal systems of Verkada’s customers. The hackers…

Phishing Attack on Saint Agness Medical Center Saint Alphonsus Health System and Southeastern Minnesota Center for Independent Living

Because of a phishing attack suffered by Saint Alphonsus Health System based in Boise, ID, the data of its patients were likely exposed, as well as the information of patients of Saint Agnes Medical Center located in Fresno, CA. Saint Alphonsus discovered abnormal activity in the email account of a worker on January 6, 2021. The provider quickly protected the email account and looked into the breach to find out the origin and character of the incident. Saint Alphonsus confirmed that an unauthorized person viewed the account on January 4, 2021, allowing the individual to access the account and the…

About 100,000 People Impacted by Cochise Eye and Laser Ransomware Attack

The ophthalmology and optometry provider based in Sierra Vista, AZ, Cochise Eye and Laser, encountered a ransomware attack last January 13, 2021 that brought about the encryption of the company’s patient scheduling and billing software program. Because of the attack, Cochise Eye and Laser could not access any information in its scheduling program. It continued to provide eye care services to patients, albeit using paper charts. Based on a breach notice published on its website on February 17, 2021, the company still use paper charts because the scheduling system is still not working. The investigators of the ransomware attack did…

Information Concerning Healthcare Sector Cyber Threats and the Supply Chain Aiding Criminal Activity

During the pandemic, cybercriminals exploited new opportunities and have been launching attacks on hospitals, physician clinics and other firms and institutions on the front line in the struggle against COVID-19. Cyber attacks on the healthcare field increased in 2020, specifically in the fall because a synchronized campaign had numerous healthcare victims. Ransomware continues to be a serious threat to the healthcare segment and more attacks have persisted into 2021. A current CTIL League report presents more data on these attacks and a number of the strategies employed to target the healthcare industry in 2020. The report shows the work carried…

Breach of Information at Rehoboth Mckinley Christian Health Care Services Captial Medical Center and Sutter Buttes Imaging Medical Group

Two healthcare companies have encountered ransomware attacks wherein sensitive information was exfiltrated and exposed on the web as the victims didn’t pay the ransom demand. The Conti ransomware group has publicized information on its leak website which was apparently acquired in an attack on Rehoboth McKinley Christian Health Care Services based in New Mexico. The exposed details include sensitive patient details such as patient ID cards, diagnoses, treatment data, diagnostic data, passports, and driver’s license numbers. It is uncertain how many people have had their PHI compromised thus far. The Conti ransomware gang says it has merely posted about 2%…

Class Action Lawsuit Filed Versus US Fertility In Connection With September 2020 Ransomware Attack

US Fertility is confronted with a class-action lawsuit in connection with a ransomware attack in September 2020, where the resulting data breach impacted 878,550 people. US Fertility offers IT systems and administrative, clinical, and business data services. It is one of the biggest vendors of support services to infertility clinics in America. On September 14, 2020, US Fertility identified ransomware that encrypted files on its systems. The investigation showed that the threat actors responsible for the attack copied files from August 12 to September 14, 2020, a few of which included protected health information (PHI). The types of information acquired…

Brandywine Urology Consultants Data Breach Legal Action Sacked For Insufficient Harm

The Delaware Superior Court dismissed a legal case filed on behalf of affected persons of a Brandywine Urology Consultants data breach after plaintiffs were unable to produce information proving they had sustained harm because of the breach. Brandywine Urology Consultants suffered a ransomware attack on January 27, 2020 The attack was discovered after two days and the following investigation established the attackers acquired access to a system that included patient data. Brandywine Urology Consultants determined from its inquiry that the cyber attack was done for extortion and not just to acquire patient records, though unauthorized data access and data theft…

Ransomware Attacks Cause Almost Half of Healthcare Data Breaches

Tenable publicized a new report which showed that nearly half of all healthcare data breaches are due to ransomware attacks, and in many of the cases the attacks could have been prevented. Based on the Tenable Research 2020 Threat Landscape Retrospective Report, there were 730 data breaches reported from all industry categories in 2020’s first 10 months and more than 22 billion records had been exposed. The exposed healthcare data records were 8 million. Healthcare listed the largest number of data breaches of any industry segment from January to October 2020, accounting for nearly 1/4 of all documented data breaches….

About 560 U.S. Healthcare Facilities Affected by 2020 Ransomware Attacks

Ransomware attacks have had an enormous effect on enterprises and institutions in America, and 2020 was notably a bad year. Ransomware gangs targeted the healthcare field, education segment, and federal, state, and municipal government authorities and agencies. There were about 2,354 attacks on these industries in 2020, as per the newest State of Ransomware report by Emisoft, a cybersecurity company based in New Zealand. The number of ransomware attacks went up dramatically in late 2019, and though the attacks slowed down in the first 6 months of 2020, a serious coordinated campaign started in September when attacks considerably increased and…

HITECH Act Amendment To Give Cybersecurity Safe Harbor Now Approved

On January 5, 2020, President Trump approved a bill (HR 7898) that improves the Health Information Technology for Economic and Clinical Health Act (HITECH Act) and gives a safe harbor for firms that have carried out accepted security best practices before suffering from a data breach. Though the bill won’t go so far as stopping the Department of Health and Human Services’ Office for Civil Rights from issuing financial penalties for HIPAA compliance problems that triggered a data breach, the amendment necessitates OCR to consider the security steps put in place to lessen cybersecurity risk during the one year before…

Cyberattacks in the Healthcare Sector Higher by 45%

In the fall of 2020, CISA, FBI, and HHS cybersecurity issued a joint alert to the healthcare and public health field subsequent to an increase in ransomware activity. The joint notice discussed that threat actors are actively targeting the healthcare sector to infect systems with ransomware. Many ransomware gangs had heightened attacks on the medical and public health segment. The Ryuk and Conti gangs are the most dynamic. Check Point’s new report reveals that attacks kept on increasing in November and December 2020. Cyber-attacks on healthcare companies increased by 45% worldwide. The increase was greater than twice the percentage increase…

Ransomware Attack on Wilmington Surgical Associates Exposed Over 114,000 Patient’s Data

Last October 2020, the NetWalker ransomware gang launched an attack on the Wilmington Surgical Associates surgical center located in North Carolina. Prior to deploying the Netwalker ransomware to do file encryption, the gang stole 13GB of records with sensitive data. The HHS’ Office for Civil Rights breach portal already posted about the ransomware attack indicating that it has compromised 114,834 patients’ protected health information (PHI). The NetWalker ransomware gang has conducted more attacks on its healthcare company targets this 2020. It attacked the University of California San Francisco and stole sensitive and valuable research data. The University paid $1.14 million…

OCR HIPAA Audits Industry Report Identify Popular Areas of Non-compliance with the HIPAA Regulations

The Department of Health and Human Services’ Office for Civil Rights has released its 2016-2017 HIPAA Audits Industry Report, showing areas where HIPAA-covered entities and their business associates are complying or fails to follow the conditions of the Health Insurance Portability and Accountability Act. The Health Information Technology for Economic and Clinical Health (HITECH) Act mandates the HHS to perform routine audits of HIPAA covered entities and business associates to evaluate HIPAA Policies compliance. Between 2016 and 2017, the HHS carried out its second level of compliance reviews on 166 covered entities and 41 business associates to check compliance with…

Twitter to Pay $544,000 for a GDPR Data Breach Violation

Twitter is going to pay a €450,000 ($544,600) penalty for breaking the EU’s General Data Protection Regulation (GDPR). The Ireland Data Protection Commission (DPC) issued the penalty because of the privacy breach report Twitter submitted to the DPC last January 8, 2019. After receiving a breach notification report from Twitter International Company, DPC launched an investigation on January 22, 2019 to find out if Twitter is GDPR compliant. On December 26, 2018, a researcher informed Twitter regarding a problem. Twitter gives its users the choice to send protected Tweets or not. Only a particular group of people or followers can…

Data Breaches at Legacy Community Health Services, Hillcrest Nursing Center and Dental Care Alliance

Email Breach at Legacy Community Health Services Affects 3,076 Patients Legacy Community Health Services (LCHS) located in Texas is informing 3,076 people that some of their PHI held in an email account were potentially accessed by an unauthorized individual. LCHS noticed the unauthorized access of a staff’s email account on July 24, 2020 and performed a password reset on that day. A third-party cybersecurity agency helped look into the incident and completed the review of the breach on September 22, 2020. According to the evaluation, the account stored patient names and some clinical data associated to care gotten and the…

Mayo Clinic Faces Multiple Legal Cases Due to Insider Privacy Volation

Mayo Clinic is confronted with multiple class-action lawsuits because of an insider data breach in October 2020. Mayo Clinic learned an ex-worker obtained access to the health data of 1,600 patients with no authorization and viewed details that include patient names, demographic data, dates of birth, clinical notes, medical record numbers, and medical images. As per the Health Insurance Portability and Accountability Act (HIPAA), all HIPAA-covered entities need to employ safety measures to secure the confidentiality, integrity, and privacy of protected health information (PHI) and controls data disclosures and uses if patient permission is not acquired. Healthcare staff are granted…

Final Rules on Safe Harbors for Cybersecurity Donations Published by HHS

On November 20, 2020, the Office of Inspector General (OIG) and the Department of Health and Human Services’ Centers for Medicare and Medicaid Services (CMS) launched the final rules for enhancing the coordination of health care and lessen regulatory difficulties. The two final rules consist of safe harbor conditions that permit hospitals and healthcare delivery systems to provide cybersecurity technology to physician practices. The CMS launched the final copy of the 627-page Modernizing and Clarifying the Physician Self-Referral Regulations, generally known as Stark Law, and the OIG finalized updates to the 1,049-page Safe Harbors Under the Anti-Kickback Statute and Civil Monetary…

ASPR Issues Update on Ransomware Activities in the Healthcare Industry

The HHS’ Office of the Assistant Secretary for Preparedness and Response (ASPR) has given an update on ransomware activity aimed at the healthcare and public health sectors. In late October, the HHS, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) gave a joint alert concerning an impending rise in ransomware activity aimed towards the healthcare sector. In just one week after giving the warning, six healthcare organizations reported ransomware attacks in one day. Over a dozen healthcare providers have submitted cyberattack reports in the last two months. Healthcare companies reported more than 62 attacks…

FTC Reaches Settlement with Zoom Over Allegations of Cybersecurity Issues and Misleading Security Practices

The U.S. Federal Trade Commission has arrived at a settlement deal with teleconferencing platform provider Zoom to take care of allegations that it misinformed its consumers regarding the level of encryption and did not carry out proper cybersecurity protections for its consumers. Throughout the pandemic, Zoom platform usage exploded as businesses and consumers used the platform to retain communication with family and friends. Remote employees utilized the platform to connect and collaborate with the company while doing work at home. The communication platform turned out to be very well-known in healthcare for offering telehealth services. It is additionally popular in…

ONC Lengthens Due date for Information Blocking and Interoperability Rule Compliance

The due date for compliance with the required information blocking and health IT certification of the 21st Century Cures Act was prolonged as a result of the current coronavirus pandemic. The US Department of Health and Human Services’ (HHS) Office of the National Coordinator for Health IT (ONC) published on October 29, 2020 the launch of an interim final rule with the time period for giving comments lengthened the compliance dates and time periods for getting particular information blocking and Conditions and Maintenance of Certification (CoC/MoC) standards. The ONC’s Cures Act Final Rule unveiled on March 9, 2020 outlined exclusions…

Data Breach Incidents at Lycoming-Clinton Joinder Board and Coast Dental

Lycoming-Clinton Joinder Board (LCJB) is managing programs that provide services to persons with mental health issues or intellectual disabilities in the area of Lycoming and Clinton Counties, Pennsylvania. It encountered a breach and is now notifying 14,500 individuals concerning the potential compromise of their protected health information (PHI). On August 10, 2020, while looking into a prior data breach, LCJB learned that an unauthorized individual viewed the email accounts of three personnel. A review of the email accounts affirmed they stored patient data, nevertheless, it can’t be determined if the unauthorized persons accessed or obtained any details in the email…

Dickinson County Health, Michigan Medicine and Passavant Memorial Homes Security Breaches

Dickinson County Health based in Michigan has encountered a malware attack that resulted in its EHR system to be taken offline. The attack has obligated the health system to use EHR downtime approaches and write patient details utilizing pen and paper. The attack began on October 17, 2020 and hampered computer systems at all its Michigan and Wisconsin clinics and hospitals. Systems were turned off to restrict the malware and third-party security professionals were called in to check out the breach and fix its systems and records. Though the attack prompted major interruption, nearly all patient services stayed entirely operational….

Data Breaches at Piedmont Cancer Institute, The Health and Wellness Clinic and McLaren Oakland Hospital

Piedmont Cancer Institute (PCI) located in Atlanta, GA is informing 5,226 patients about the potential exposure of their protected health information (PHI) as a result of an unauthorized individual getting access to the email account of one employee. A third-party cybersecurity firm helped PCI in determining the compromise of the email account for more than a month. The unauthorized person initially accessed the email account on April 5, 2020. PCI secured the account on May 8, 2020. The breached account review ended on August 8, 2020 and confirmed that it comprised a selection of PHI. Aside from names, the patients…

Ransomware Attacks on Magnolia Pediatrics and Accents on Health

Magnolia Pediatrics located in Prairieville, LA is informing 12,861 patients regarding the likely exposure of some of their protected health information (PHI) due to a ransomware attack that transpired on or around March 26, 2020. IT vendor, LaCompuTech looked into the ransomware attack and confirmed that only its master boot record was impacted and the hackers did not access, encrypt or export any patient data. The IT vendor reported that there was no HIPAA breach, thus it is not required to report the incident to the HHS’ Office for Civil Rights. It is likewise not required to issue breach notification…

PHI Compromised Due to Four Data Breaches

MU Health Care based in Missouri has suffered a phishing attack that caused the compromise of a few employee email accounts between May 4 and May 6, 2020. An investigation of the incident unveiled the compromised email accounts included patient data like names, birth dates, account numbers, health insurance information, Social Security numbers, and driver’s license numbers. MU Health Care has advised all impacted patients and has given them free of charge credit monitoring services. To date, there are no reports received that indicate the misuse of any patient information. The affected email accounts comprised the protected health information (PHI)…

Montefiore Medical Center and Geisinger Terminates Personnel for Inappropriate PHI Access

Montefiore Medical Center in Bronx, NY has dismissed a staff because of the claimed theft of the protected health information PHI of roughly 4,000 patients. Montefiore knew about the probable internal data breach in July 2020 and started an investigation into unauthorized health record access. Montefiore had put in place a technology solution that monitors EHRs for unauthorized access. Therefore, the personnel was determined. The investigation affirmed that the personnel had gotten access to healthcare records with no valid work reason between January 2018 and July 2020. Accessing the medical records of patients though there isn’t a valid reason for…

CISA Gives Warning of Persistent Attacks by Chinese Hacking Groups Directed at F5, Citrix, Pulse Secure, and MS Exchange Vulnerabilities

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has given a security alert that hackers connected with China’s Ministry of State Security (MSS) are carrying out targeted cyberattacks on U.S. government bureaus and private sector firms. The attacks are continuing for more than a year and generally target vulnerabilities in common networking tools like Pulse And Citrix Secure VPN appliances, Microsoft Exchange email servers, and F5 Big-IP load balancers. The hacking groups employ publicly available data and open source exploit applications in the attacks for instance Mimikatz, Cobalt Strike, And China Chopper. The hacking groups that have…

Privacy Risks Discovered on Nearly All Sites Providing COVID-19 Information

A new study that JAMA published revealed that nearly all websites providing COVID-19 information include third-party tracking code that presents a risk to privacy. With the tracking code, the web pages could collect information from website visitors and transmit that data to third parties. The transferred data usually includes the URLs visited by a user and his/her IP address. Other data could also be obtained, and that information enables the creation of detailed profiles on the browsing habits and interests of people. Because IP addresses are gathered, that data can quickly be linked with a particular individual. The Carnegie Mellon…

Bill Establishing the Genetic Information Privacy Act Approved by California Senate

A bill (SB-980) that confirms the Genetic Information Privacy Act has been approved by the California Senate. Currently, California Governor Gavin Newsom simply needs to sign the bill. The Genetic Information Privacy Act will bring in new requirements for businesses providing direct-to-customer genetic tests to safeguard consumer privacy and protect personal and genetic data. Presently, direct-to-client genetic testing services are mostly not regulated. There is the worry that the tactics of organizations that provide these services can possibly expose sensitive genetic information and that external parties can exploit the utilize of genetic information for sketchy purposes, for example, mass surveillance,…

Data Breaches at the Institute for Integrative Nutrition, Colorado Mental Health Center and Texas Recycling Center

The Institute for Integrative Nutrition in New York City encountered a phishing attack in March 2020, which resulted in the potential exposure of personal data. The institute only became aware of the breached email account on June 22, 2020. According to the investigators, an unauthorized person gained access to one email account starting March 3, 2020 up to March 4, 2020. Third party cybersecurity specialists assisted the investigation and confirmed after a manual document review that the unauthorized person potentially accessed names and personal information like Social Security numbers. But data theft is not confirmed by any evidence. As a…

2.5 Million Patient Records Hosted by Cense AI Compromised Over the Internet

Technology and security consultant Jeremiah Fowler reported that the personal and health data of over 2.5 million patients were compromised on the web. On July 7, 2020, two folders comprising the data were found publicly available over the web and without requiring any passwords to access. An artificial intelligence company called Cense AI hosted the folders marked as “staging data.” Cense AI is a firm that delivers SaaS-based intelligent process automation management solutions. The folders were managed on a similar IP address as the Cense website and were accessible by taking out the port from the IP address, which can…

What is HIPAA Certification?

What is HIPAA certification? This is a frequently asked question by organizations in the healthcare industry. The HIPAA does not have a standard or implementation requirements for the certification of covered entities or business associates. However, a number of third-party organizations provide HIPAA certification solutions. The HHS does not have any official HIPAA certification procedure or accreditation. If there was, that would be helpful. A HIPAA compliance certification can tell if a Covered Entity or Business Associate is aware of and compliant with HIPPA rules. That would help lessen the amount of time spent doing research on potential vendors. Nevertheless,…

CISA Alerts of Increased Cyberattacks by Chinese Nation State Threat Groups that Use the Taidoor RAT

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) issued a high priority notification to warn companies of the danger of cyberattacks using the Taidoor malware, which is a remote access Trojan (RAT) that the Chinese authorities employ in cyber-surveillance strategies. Taidoor was initially discovered in 2008 and was employed in numerous attacks on companies. The advisory was given after the FBI, CISA, and the Department of Defense (DoD) discovered a new Taidoor RAT variant that is being utilized in attacks on American companies. The solid proof was discovered indicating that attackers doing work for the Chinese government…

FBI Publishes a Flash Alert Cautioning of More NetWalker Ransomware Attacks

The Federal Bureau of Investigation (FBI) gave a (TLP:WHITE) FLASH notification this week after seeing a growth in attacks that use the NetWalker ransomware. NetWalker is a somewhat new ransomware threat that was discovered in March 2020 soon after a transportation and logistics organization in Australia and the University of California in, San Francisco suffered attacks. UC San Francisco was pressured to pay out a ransom payment of approximately $1.14 million to acquire the keys to unlock encrypted data files to restore vital research files. One of the latest healthcare victims was Lorien Health Services, a nursing home operator based…

Emotet Botnet Active Again and Sending Big Quantities of Malicious Email Messages

After 5 months of dormancy, the reactivated Emotet botnet is being employed to send out substantial amounts of unsolicited email messages to businesses in the U.K. and the U.S. The Emotet botnet is a system of breached computers which were downloaded with Emotet malware. Emotet malware is a data stealer and malware downloader which was employed to spread different banking Trojans, which include the TrickBot Trojan. Emotet hijacks email accounts and then utilizes them to dispatch spam email messages that contain malicious urls and file attachments, usually Word and Excel files that contain harmful macros. In the event the macros…

Microsoft Releases Patch to Correct Critical Wormable Windows DNS Server Vulnerability

Microsoft has introduced a patch to resolve a 17-year old wormable remote code execution vulnerability identified in Windows DNS Server. The vulnerability can be exploited remotely, demand a low-level skill to exploit, and could permit an attacker to seize full control of the entire IT infrastructure of a company. Security researchers at Check Point discovered vulnerability CVE-2020-1350 and named it SIGRed. The vulnerability can be found on all Windows Server versions starting from 2003 until 2019 and was designated the maximum CVSS v3 score of 10 out of 10. The flaw is wormable, thus an attacker could exploit the vulnerability…

Data Breach Incidents at Health Plan Member Websites, Zipari and Central California Alliance for Health

Health plan Independence Blue Cross in Philadelphia, AmeriHealth Insurance Company and AmeriHealth HMO, Inc of New Jersey learned that unauthorized persons acquired access to web pages on their member sites from March 17, 2020 to April 30, 2020 and possibly saw the private and protected health information (PHI) of a number of plan members. The types of data exposed comprise names, health plan type, member ID numbers, payment account balances, claims details and user reward summaries. According to the breach investigation, the unauthorized person utilized legit credentials to log in to the website. On all occasions, the passwords employed to…

The California Consumer Privacy Act Takes Effect Now

On July 1, 2020, observance of the California Consumer Privacy Act (CCPA) of 2018 commenced. The CCPA effectivity was on January 1, 2020, nonetheless, all firms placed under the Act were provided a 6 month grace period to abide by the terms of the CCPA. Considering that the grace period has already lapsed. California Attorney General Xavier Bercerra affirmed that enforcement won’t be postponed, though businesses and trade associations have asked to extend the grace period for an additional 6 months as a result of the 2019 Novel Coronavirus crisis. The requests had been accepted nevertheless there’s no extension granted….

NY District Court Kicks Back Data Breach Lawsuit Against Episcopal Health Services to State Court

Patients of Episcopal Health Services Inc. based in Uniondale, N.Y. filed a lawsuit over the compromise of their personal and protected health information in a phishing attack in 2018. The New York State Supreme Court has kicked back the lawsuit for further proceedings. The lawsuit asserts Episcopal Health Services did not safeguard the private data of its patients from unauthorized exposures. Due to those downfalls, some employee email accounts of Episcopal Health Services experienced a breach between August 28, 2018 and October 5, 2018. The types of information contained in the email accounts included the patients’ names, birth dates, addresses,…

Telehealth Likely to Remain So Better Obtain the Appropriate Technology

This 2020, because of the COVID-19 public health crisis, the HHS’ Centers for Medicare and Medicaid Services (CMS) widened the coverage of telehealth service by incorporating all Medicare beneficiaries, irrespective of area. Telehealth services do away with the limitations to in-person treatment that the COVID-19 pandemic brought about and make it possible for healthcare providers to offer treatment to patients within their own residences and, in that way, make patient security and regulation of the spread of COVID-19 achievable. The extension of coverage is only implemented during the COVID-19 public health crisis, despite increasing requests that for the extended CMS…

Misconfigured Exposed Cloud Databases are Attacked In Just Hours

Security researchers often discover misconfigured public cloud databases. Wrong configurations that cause cloud data exposure may be because of insufficient knowledge of cloud security or guidelines, inadequate oversight to track down errors, or negligent conduct by insiders. The latest Trend Micro report pointed out that the top cause of cloud security issues is cloud misconfigurations. Security researchers at Comparitech frequently find unsecured cloud assets, typically Elasticsearch cases and unprotected AWS S3 buckets. Whenever the unprotected cloud databases are identified, security researchers identify the owners and notify them to make sure to secure data quickly. Upon identifying the owners, it usually…

COVID-19 Research Organizations Targeted by Chinese Hacking Groups

Organizations participating in the research studies of SARS-CoV-2 and COVID-19 were warned that hackers linked with the People’s Republic of China (PRC) are focusing attacks on their organizations, for that reason, they have to do something to keep their systems safe from any attack. The Federal Bureau of Investigation (FBI) together with the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security have issued an alert that healthcare, pharmaceutical and research organizations working on SARS-CoV-2 vaccines, COVID-19 remedies and testing procedures are the targets of hackers wanting to get research data to move ahead with PRC’s research…

H-ISAC Issues Second Framework for Managing Identity in Healthcare

The Health Information Sharing and Analysis Center (H-ISAC) released a framework for CISOs to manage identity and secure their firm against identity-focused cyberattacks. This new white paper released by H-ISAC comprises the identity-focused plan to security. The former white paper details why an identity-focused solution to cybersecurity is necessary at this time, with the most recent white paper outlining how to execute that strategy. By using the framework, CISOs could handle the complete identity lifecycle of practitioners, patients, business partners, and employees in a manner that protects against identity cyberattacks, brings down risk and boosts operational efficiencies. The framework was…

Ransomware Attack at Magellan Health and PHI Theft at Houston Methodist Hospital

Magellan Health, a Fortune 500 company, encountered a ransomware attack last April that resulted in the encryption of its files and theft of some employee information. Magellan Health noticed the attack on April 11, 2020 after files on its systems were encrypted. According to the breach investigation results, the attacker accessed its systems because an employee received a spear-phishing email on April 6 and responded to it. The attacker misled the employee by means of impersonating a Magellan Health customer. Magellan Health employed the cybersecurity firm Mandiant to investigate the breach and it confirmed that the attacker accessed a company…

Zoom Gets into Settlement with NY Attorney General Over Privacy and Security Concerns

Zoom got to a deal with the New York Attorney General’s office and has made a commitment to employ better privacy and security measures for its teleconferencing program. New York Attorney General Letitia James investigated Zoom after analysts found a variety of privacy and security problems with the program sometime this year. Zoom has shown to be one of the most widely used teleconferencing systems throughout the COVID-19 outbreak. In March, around 200 million persons were joining Zoom meetings with usership rising by 2,000% in the period of merely 3 months. As more people use Zoom more regularly, flaws in…

OCR Publishes Guidance on Media and Film Crew Members Access to Healthcare Amenities

The HHS’ Office for Civil Rights (OCR) published guidance to point out to healthcare organizations that with the HIPAA Privacy Rule, the media and film staff aren’t permitted access to healthcare amenities where the protected health information (PHI) of patients is accessible except if the involved patients have given written permission beforehand. A public health emergency doesn’t adjust the demands of the HIPAA Privacy Rule, which stays in force in emergency scenarios. In 2018, Brigham and Women’s Hospital, Boston Medical Center, and Massachusetts General Hospital were subjected to enforcement actions by OCR after learning they had granted film staff access…

EFF Alerts of Privacy and Security Pitfalls with Apple and Google’s COVID-19 Contact Tracing Solutions

The contact tracing technology that Google and Apple are creating may be helpful in tracking persons who have gotten into close contact with persons verified to be COVID-19 positive; nevertheless, the Electronic Frontier Foundation (EFF) is cautioning against the probability that hackers would exploit the system in its present form. The technology is set to be available soon. The system will enable app developers to make contact tracing applications to help track down persons who might have been exposed to COVID-19. When a person installs a contact tracing application, every time he/she comes into contact with a man or woman…

HHS’ Office of Inspector General Suggests Regulation for Civil Monetary Penalties for Data Blocking

The HHS’ Office of Inspector General (OIG) proposed a rule on Tuesday that corrects civil monetary penalty regulations to additionally include data blocking. Once enforced, the new CMPs for data blocking is going to be a crucial instrument to guarantee program integrity as well as the stated advantages of technology and data. OIG knows that all through the COVID-19 public health crisis, medical companies are concentrated on delivering treatment and follow-up patient care. OIG is accomplishing its responsibilities by posting the new guideline however is likewise attempting to be as versatile as can be to lessen the load on healthcare…

Healthcare Shoppers Looking to Buy PPE and Medical Supplies Targeted by Fraudsters

The Federal Bureau of Investigation (FBI) has published an advisory that cybercriminals are attempting to rob from state organizations and healthcare market consumers that are purchasing medical products and personal protective equipment (PPE). Healthcare market consumers were cautioned after having records of increasing instances of scams connected to the order of PPE and important medical equipment including ventilators, that have limited supply as a result of greater demand. The FBI has received information on many reports of advance fee frauds. Government organizations and healthcare market consumers have sent funds to vendors and brokers of PPE and medical products and learned…

FBI Alerts of Growing COVID-19 Associated Business Email Compromise Scams

The Federal Bureau of Investigation released an alert subsequent to an increase in Business Email Compromise (BEC) attacks that are capitalizing on the anxiety related to the COVID-19 outbreak. BEC is the word used to pertain to the effort to deceive people in control of doing legit cash transfers into a bank account managed by the attacker. This is attained by impersonating somebody within the firm that the victim typically performs business with. A normal attack case entails mailing an email to somebody in the finance team asking to alter a bank account detail for an impending payment. A few…

Threat Actors and Cybersecurity Companies to Show Support to Healthcare Providers Throughout the Coronavirus Pandemic

Cyberattacks on healthcare organizations were reported despite the fact that these organizations are working day and night to give COVID-19 patients their needed healthcare. These attacks not only cause serious disruption, but also possibly more damage and threat to patient safety considering the COVID-19 outbreak. Plenty of phishing campaigns were found using the fear of COVID-19 as a lure to install malware. More than 2,000 coronavirus-themed domains had been registered. Most of these domain names were probably bought for executing malicious intentions. For sure the cyberattacks will not stop. However, it would appear that some threat actors have chosen not…

Cybersecurity Guidelines for Securing Remote Employees During the COVID-19 Outbreak

With attacks rising it is essential to undertake cybersecurity guidelines for keeping remote employees safe against malware and phishing attacks. Institutions should make certain to use the most recent versions of VPNs and employ patches promptly. The DHS Cybersecurity and Infrastructure Security Agency (CISA) released another alert on March 13 concerning patching and upgrading VPNs for remote personnel to correct vulnerabilities. Institutions were likewise told to use multifactor authentication with all VPNs to boost security. VPNs should additionally be configured to start off automatically if devices are powered up and not just counting on personnel to manually connect. It is…

Enhanced Telehealth Services and Laid-Back HIPAA Enforcement Throughout the Coronavirus Public Health Emergency

In seeking to avoid the spreading of the 2019 novel coronavirus, patients alleged of having been exposed to the virus and persons with indications of COVID-19 were instructed to self-quarantine by staying at home. It is necessary for contact to be avoided with persons at an increased risk, especially aged people and persons with health issues. Telehealth services, which include video calls, are handy tools for medical specialists when evaluating and treating patients at a distance to lower the possibility of getting infected by the coronavirus. Telehealth services could also be employed to keep contact with patients who opt not…

Google Charged with About $8 Million GDPR Fine

The Swedish Data Protection Authority (DPA) issued Google a 75 million kroner ($7.8 million) GDPR penalty for failing to comply with the right-to-be-forgotten’ requests coming from European Union residents to take out webpages from its search result pages. The right to be forgotten in the European Union exists prior to GDPR. It was initially included in EU laws in 2014 after a judgment by the European Court of Justice concerning the lawsuit, Google Spain SL, Google Inc vs Agencia Española de Protección de Datos, Mario Costeja González. The rules require search engines to take out hyperlinks to freely accessible websites…

Quest Diagnostics Settlement of 2016 Data Breach Finally Approved

A federal judge has finally approved the settlement concerning Quest Diagnostics Inc. to take care of a class-action lawsuit connected with its 2016 data breach. The medical lab company in New Jersey is going to pay a $195,000 settlement, which allocates to each breach victim about $325 compensation. On November 26, 2016, the attackers accessed the Care360 MyQuest mobile application that patients use to save and share their digital test results and schedule visits. The health application saved names, phone numbers, birth dates, and laboratory test findings which, for certain patients, listed their HIV test findings. The breach impacted 34,000…

Ransomware Attack on Crossroads Technologies Impacts 156,400 Personal Touch Home Care Patients

Personal Touch Home Care (PTHC), a home health company based in Lake Success, NY, began informing patients about the latest ransomware attack on Crossroads Technologies Inc., its IT vendor based in Wyomissing, PA, that potentially compromised their protected health information (PHI). On December 1, 2019, Crossroads advised PTHC that its Pennsylvania data center was attacked by ransomware. That data center hosted PTHC’s electronic medical records. Because of the ransomware attack, patient records were inaccessible for a couple of days. Although the EHR system was not accessible, PTHC employees followed emergency protocols and recorded patient data using pen and paper. The…

Over 110,000 Patients’ PHI Compromised Because of Phishing Attacks on Overlake Medical Center & Clinics and VibrantCare Rehabilitation

A phishing attack on Overlake Medical Center & Clinics located in Bellevue, WA in December 2019 caused the potential exposure to personal and protected health information (PHI) of 109,000 patients. Overlake Medical Center & Clinics discovered the phishing attack on December 9, 2019 and did a password reset to prohibit unauthorized access. Overlake affirmed the unauthorized access of one email account beginning December 6, 2019 up to December 9 which was the time the Overlake secured the account. There were other email accounts compromised on December 9, however, the attacker only had access for a couple of hours. An examination…

$1.77 Billion in Losses Due to Business Email Compromise Attacks

The 2019 Internet Crime Report of the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) was just released. It reveals that cybercrime losses in 2019 maxed $3.5 billion. IC3 got nearly 1,300 per day or 467,361 online and cybercrime complaints. Above 50% of the losses were caused by business email compromise (BEC) attacks, otherwise called email account compromise (EAC). These attacks entail the impersonation of an authorized person or business to acquire finances by means of email. These complex tricks usually start off with a phishing attack on a manager to acquire email login credentials. The hacker then…

PHI Potentially Exposed at Iowa Department of Human Services and Cedarbrook Nursing Home

The Iowa Department of Human Services informed 4,784 people concerning the potential exposure of their protected health information (PHI) because of improper disposal of documents. On November 25, 2019, a member of the DHS staff put documents containing the Dallas County clients’ PHI together within the regular garbage dumpster. The staff should have shredded the documents before disposal. DHS was late in discovering the improper disposal as the dumpster had been emptied already. The incident investigators learned that the custodial employee who disposed of the records wasn’t aware that the documents contained confidential information. It was not possible to determine…

Breach of LabCorp Patients’ Personal and Health Data Due to Website Error

TechCrunch researchers found a security error on a website that LabCorp is using for hosting its internal customer relationship management system. Though the system comes with password protection, the researchers discovered an error in the back-end system and exposing patient records. The error made possible patient data access even with no security password and search engines have indexed the web URL. Google had cached just one document that contains a patient’s health data. However, the researchers were able to see other patient records with health data just by modifying the document number in the web URL. The researchers examined sample…

PHI Exposed at Alomere Health and Mercy Health Lorain Hospital Laboratory Data Breaches

Alomere Health in Alexandria, MN encountered a phishing attack that allowed unauthorized persons potential access to the protected health information (PHI) of more or less 50,000 patients. After becoming aware of the phishing attack on November 6, 2019, the healthcare provider conducted an internal investigation that revealed the account was accessed by unauthorized persons from October 31 until November 1, 2019. The computer forensics company that investigated the breach revealed on November 10, 2019 that a second email account compromise occurred on November 6. After a detailed examination of the compromised accounts, it was confirmed by the investigators that selected…

Ransomware Attack on Enloe Medical Center Caused EMR Downtime

Enloe Medical Center in Chico, CA had a ransomware attack two weeks ago and until now the electronic medical record (EMR) system of this California healthcare provider is offline. Enloe knew about the ransomware attack on January 2, 2020, which encrypted the files of its entire network, which include the EMR system consequently the center staff are unable to access patient data. The provider promptly enforced emergency protocols to keep on delivering health care to patients and had to reschedule just a number of elective medical procedures. The telephone system became non-operational as well because of the attack, but it…

Malware Attack Impacts 25K Patients of Native American Rehabilitation Association of the Northwest

A malware attack on the Native American Rehabilitation Association of the Northwest, Inc. (NARA) in Portland, OR resulted in the potential unauthorized access of the protected health information (PHI) of native American patients who are receiving mental and physical health services, education and substance abuse treatment. NARA mentioned that the malware attack came about on November 4, 2019. Security controls failed to identify the malware at the beginning but eventually identified it in the afternoon. By November 5, the security team already had the threat under control and by November 6, it had changed all email account passwords. The attackers…

Conway Medical Center and Equinox Inc. Email Security Breaches

A phishing attack on Conway Medical Center in South Carolina resulted in the access of the email accounts of several employees by unauthorized people. Conway Medical Center became aware of the phishing attack on October 7, 2019 and immediately secured the employee’s email accounts to block the further access of unauthorized individuals. Third party cybersecurity specialists looked into the breach to confirm patient data access or theft. According to the investigators, the email accounts were first compromised on or before July 2019. It was only on November 20, 2019 that the investigators confirmed the exposure of the protected health information…

Malware on New Mexico Hospital Imaging Server Potentially Impacts Patients PHI

The radiology department of Roosevelt General Hospital located in Portales, New Mexico found malware in one digital imaging server, which possibly resulted in enabling the hackers to gain access to the radiological photos of approximately 500 patients. The malware installation was found on November 14, 2019 and immediate action was done to separate the server and stop even more unauthorized access and obstruct contact with the command and control server of the hackers. The IT unit was successful in taking away the malware, repairing the server and retrieving all patient information. A scan was done to search for any flaws….