Healthcare

November 11, 2025

Pathology supplier Synnovis is contacting NHS organisations which had data stolen and published online following a major cyber attack last year. Synnovis has now completed its investigation into patient and staff data published online by the cyber criminal gang on 20 June 2024, which includes personal data such as names, NHS numbers, test results and test ...

October 31, 2025

A woman has been charged after around 100 patients had their medical records accessed in a data breach at NHS Lothian. The health board has written letters to patients affected by the breach, which they say was caused by one individual at Edinburgh Royal Infirmary. A letter dated last month, seen by STV News, says the ...

October 24, 2025

More than 1 million patients have been affected by a data breach involving SimonMed Imaging, one of the country’s largest outpatient radiology and medical imaging providers. The breach came to light after a cyberattack compromised sensitive patient data, with reports indicating that ransomware operators may have been behind the incident. What makes this case particularly concerning is the ...

September 11, 2025

French regional healthcare agencies have been targeted by cyber-attacks compromising the personal data of patients across the country. On September 8, the regional healthcare agencies (ARS) for three regions, Hauts-de-France (Upper France), Normandy and Pays de la Loire (Lower Loire), issued security alerts warning about recent cyber-attacks carried out against the servers hosting the identity ...

August 21, 2025

A ransomware attack that encrypted certain elements of dialysis firm DaVita’s network impacted 2.7 million people, the U.S. health department’s website showed on Thursday. The firm had disclosed in April that it was hit by a cyberattack. At the time, it said it would continue to provide patient care as it took measures to restore certain ...

August 19, 2025

Inotiv, an American pharmaceutical and biotech company, has confirmed it has suffered a ransomware attack which forced it to shut down parts of its IT infrastructure. In a report filed with the US Securities and Exchange Commission (SEC), the company said it spotted the attack on August 8, 2025. The initial investigation determined that someone broke ...

August 1, 2025

Central Maine Healthcare says an unauthorized party gained access to its network on March 19th, and they kept that access until June 1st. After a weeks-long shut down of phone and online services, Central Maine Healthcare officials say patient data was likely compromised during a two and a half month period where a hacker gained access ...

July 14, 2025

Medical billing giant Episource is notifying millions of people across the United States that their personal and health information was stolen in a cyberattack earlier this year. The breach affects more than 5.4 million people, according to a listing with the U.S. Department of Health and Human Services, making it one of the largest healthcare breaches ...

July 12, 2025

Healthcare data continues to be a top target for cybercriminals. In June alone, two major breaches compromised over 13 million patient records. Now, a newly confirmed Medicare data breach has affected more than 100,000 Americans. The Centers for Medicare & Medicaid Services (CMS) sent letters this week to those affected, confirming that hackers accessed sensitive data ...

July 8, 2025

China’s Ministry of State Security Directed the Theft of COVID-19 Research and the Exploitation of Microsoft Exchange Server Vulnerabilities, Known Publicly as the Indiscriminate ‘HAFNIUM’ Intrusion Campaign The Justice Department announced today that Xu Zewei (徐泽伟), 33, of the People’s Republic of China was arrested on July 3 in Italy at the request of the ...

June 26, 2025

U.S. and French authorities have confirmed the arrests of five hackers accused of being behind several major hacks and being part of a notorious cybercrime forum. On Thursday, the U.S. Department of Justice announced the indictment of British national Kai West, 25, accusing him of being “a serial hacker” known as IntelBroker. U.S. authorities allege West ...

June 11, 2025

A U.S. government website designed to inform the public about vaccines has been defaced and now hosts apparently AI-generated spam. The domain, which belongs to the U.S. Department of Health and Human Services (HHS), appears to have been hosting the same kind of content — mostly gay-themed and LGBTQ+ posts — since at least May 12, ...

June 4, 2025

A ransomware gang claimed responsibility for the hack on Kettering Health, a network of hospitals, clinics, and medical centers in Ohio. The healthcare system is still recovering two weeks after the ransomware attack forced it to shut down all its computer systems. Interlock, a relatively new ransomware group that has targeted healthcare organizations in the U.S. ...

May 30, 2025

The US Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Medical Advisory for a vulnerability in Santesoft Sante DICOM Viewer Pro. Sante DICOM Viewer Pro is an application for viewing, processing, and editing DICOM-format medical images. CVE-2025-5307 has a CVSSv4 score of 8.4 and is an ‘out-of-bounds read’ vulnerability, which means ...

May 28, 2025

A newly uncovered cyber attack has exposed sensitive information at two major NHS trusts, raising fears that patient records could be at risk. University College London hospitals, NHS Foundation Trust, and University Hospital Southampton, NHS Foundation Trust were among the victims identified in a widespread cyber breach.  analysed by cybersecurity firm EclecticIQ. The company have said ...

May 16, 2025

CrazyHunter has quickly emerged as a serious ransomware threat. The group made their introduction in the past month with the opening of their data leak site where they posted ten victims – all located from Taiwan. Trend Micro researchers have followed some of their operations through internal monitoring since the start of January and have witnessed ...

May 6, 2025

The US Cybersecurity and Infrastructure Security Agency (CISA) released an Industrial Control Systems (ICS) Medical Advisory for a vulnerability found in MicroDicom DICOM Viewer. DICOM Viewer is an application for primary processing and preservation of medical images in DICOM format. CVE-2025-35975 has a CVSSv3 base score of 8.8 and is an ‘out-of-bounds write’ vulnerability, which means ...

May 1, 2025

One of the biggest private healthcare systems in the US, Ascension, has notified patients that personally identifiable information (PII) including health data, was stolen in a previously unannounced attack affecting a former business partner in December 2024. The incident follows a previous ransomware attack in May 2024, in which the sensitive data of six million patients, ...

April 24, 2025

Health insurance firm Blue Shield has revealed a data breach has exposed protected health data of over 4.7 million members. The information was leaked to Google’s analytics and advertisement platforms following a misconfiguration of Google analytics on Blue Shield sites. “On February 11, 2025, Blue Shield discovered that, between April 2021 and January 2024, Google Analytics ...

April 16, 2025

CrazyHunter has quickly emerged as a serious ransomware threat. The group made their introduction in the past month with the opening of their data leak site where they posted ten victims – all located from Taiwan. trend Micro researchers have followed some of their operations through internal monitoring since the start of January and have witnessed ...