Healthcare

May 30, 2023

About 90 organisations have reported breaches of personal information held by Capita after the outsourcing group suffered a cyber-attack, Britain’s data watchdog has said. The company, which runs crucial services for local councils, the military and the NHS, experienced the hack, which caused a significant IT outage, in March. Read more… Source: The Guardian  

May 29, 2023

Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. MCNA Dental is one of the largest government-sponsored (Medicaid and CHIP) dental care and oral health insurance providers in the U.S. Read more… Source: Bleeping Computer  

May 27, 2023

A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called “Hot Pixels,” which can retrieve pixels from the content displayed in the target’s browser and infer the navigation history. The attack exploits data-dependent computation times on modern system-on-a-chip (SoCs) and graphics processing units (GPUs) and ...

May 23, 2023

Personal and financial data describing almost 1.9 million Apria Healthcare patients and employees may have been accessed by crooks who breached the company’s networks over a series of months in 2019 and 2021. The home healthcare equipment provider, which says it serves about two million patients from 280 locations across America, said it discovered the intrusion ...

May 15, 2023

More than 5.81 million patients tied to PharMerica have been notified that their data was accessed and stolen during a March cyberattack. The long-term care pharmacy solution provider reported the breach to the Office of the Maine Attorney General on May 12. On March 14, PharMerica “learned of suspicious activity” on its network and worked to ...

May 10, 2023

The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country’s largest hospitals, Seoul National University Hospital (SNUH), to steal sensitive medical information and personal details. The incident occurred between May and June 2021, and the police conducted an analytical investigation during the past two years to ...

May 1, 2023

German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. The company, one of the largest service providers for German health insurers, said no customer, patient, or insured individuals’ data had been accessed in the security breach — at least not according ...

April 27, 2023

CISA released one Industrial Control Systems Medical (ICS) medical advisory on April 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS medical advisory for technical details and mitigations Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Releases ...

March 31, 2023

Computer systems have abruptly stopped working at the outsourcing group Capita, knocking out council phone lines and triggering fears that the company that runs crucial operations for the NHS and the military could be under cyber-attack. Capita staff are understood to have been unable to access IT systems since the early hours of Friday, and an ...

March 22, 2023

The government will provide a plan to promote cyber resilience across the health and care sectors by 2030, protecting both services and patients. New strategy sets out 5 key ways to build cyber resilience in health and care by 2030 Cyber strategy will protect health and adult social care functions and services, which the whole nation depends ...

March 17, 2023

In the last year, geopolitical tension has led to an uptick of reported cybercrime events fueled by hacktivist groups. The US Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn organizations about these attacks and teamed with the FBI on a distributed denial-of-service (DDoS) response strategy guide. KillNet, a group that the US ...

February 22, 2023

Shipping companies and medical laboratories in Asia are being targeted in a likely intelligence-gathering campaign that relies exclusively on publicly available and living-off-the-land tools. Hydrochasma, the threat actor behind this campaign, has not been linked to any previously identified group, but appears to have a possible interest in industries that may be involved in COVID-19-related treatments ...

February 11, 2023

Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December. According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, ...

February 10, 2023

CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and Republic of Korea’s Defense Security Agency and National Intelligence Service have released a joint Cybersecurity Advisory (CSA), Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities, to provide information on ransomware activity used by North ...

February 9, 2023

seven Russian nationals have assets frozen and travel bans imposed ransomware is a tier 1 national security threat, with attacks against businesses and public sector organisations increasingly common. Recent victims include UK schools, local authorities and firms – whilst internationally the Irish Health Service Executive, Costa Rican government and American healthcare providers were targeted new campaign of ...

February 9, 2023

There is a “real arms race” between cyber attackers and efforts to defend Irish health systems, a committee has heard. The Public Accounts Committee also heard that 32,000 letters had been issued in recent weeks to patients, clients and staff affected by the 2021 Health Service Executive (HSE) cyber attack. Read more… Source: independent.ie  

February 3, 2023

Tallahassee Memorial HealthCare is postponing all non-emergency patient procedures as officials manage an Information Technology security issue that occurred late Thursday night, according to a memo from the hospital. The IT security breach is a suspected ransomware attack, according to sources with knowledge of the situation. Read more… Source: Florida Politics  

February 2, 2023

A new cyber espionage campaign dubbed ‘No Pineapple!’ has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction. The campaign lasted between August and November 2022, targeting organizations in medical research, healthcare, chemical engineering, energy, defense, and a leading ...

February 1, 2023

A Russian hacking group has claimed to have taken down the University of Iowa Hospitals and Clinics website, along with the websites of dozens of other hospitals nationwide. UIHC has acknowledged its website is down Tuesday afternoon and its IT staff is investigating the cause but could not confirm whether it was the result of a ...

January 30, 2023

Michigan Health officials say its public websites experienced issues due to a cyber attack but claims the issue did not impact patient information. In a statement on Monday, officials say the attack affected a “third-party vendor we use to host some of our sites.” Read more… Source: CBS Detroit News