• The state of ransomware: national emergencies and million-dollar blackmail

    September 14, 2021

    Banks have been “disproportionately affected” by a surge in ransomware attacks, clocking a 1,318% increase year-on-year in 2021. Ransomware has become one of the most well-known and prevalent threats against the enterprise today. This year alone, we have seen high-profile cases of ransomware infection — including against Colonial Pipeline, Kaseya, and Ireland’s health service — cause ...

  • BlackMatter ransomware hits medical technology giant Olympus

    September 13, 2021

    Olympus, a leading medical technology company, is investigating a “potential cybersecurity incident” that impacted some of its EMEA (Europe, Middle East, Africa) IT systems last week. Olympus has more than 31,000 employees worldwide and over 100 years of history developing for the medical, life sciences, and industrial equipment industries. The company’s camera, audio recorder, and binocular divisions ...

  • Ransomware groups continue assault on healthcare orgs as COVID-19 infections increase

    September 11, 2021

    Ransomware groups have shown no signs of slowing down their assault on hospitals, seemingly ramping up attacks on healthcare institutions as dozens of countries deal with a new wave of COVID-19 infections thanks to the potent Delta variant. Vice Society, one of the newer ransomware groups, debuted in June and made a name for themselves by ...

  • Indonesia: 1.3 million people had their sensitive personal data, COVID-19 test results and more exposed on an open server.

    August 30, 2021

    Researchers with vpnMentor have uncovered a data breach involving the COVID-19 test and trace app created by the Indonesian government for those traveling into the country. The ‘test and trace app’ — named electronic Health Alert Card or eHAC — was created in 2021 by the Indonesian Ministry of Health but the vpnMentor team, lead by ...

  • Indiana: COVID-19 Contact-Tracing Data Exposed, Fake Vax Cards Circulate

    August 19, 2021

    This week, the Indiana Department of Health issued a notice that the state’s COVID-19 contact-tracing system had been exposed via a cloud misconfiguration, revealing names, emails, gender, ethnicity, race and dates of birth of more than 750,000 people. The incident shows that COVID-19 data could be poised for abuse and misuse, according to experts, which is ...

  • Hive ransomware attacks Memorial Health System, steals patient data

    August 16, 2021

    In what appears to be an attack from the Hive ransomware gang, computers of the non-profit Memorial Health System have been encrypted, forcing staff to work with paper charts. The attack occurred early Sunday morning and the IT department detected it once they noticed that parts of the infrastructure no longer responded as expected. Read more… Source: Bleeping ...

  • Ransomware attack hits Italy’s Lazio region, affects COVID-19 site

    August 4, 2021

    The Lazio region in Italy has suffered a reported ransomware attack that has disabled the region’s IT systems, including the COVID-19 vaccination registration portal. Early Sunday morning, the Lazio region suffered a ransomware attack that encrypted every file in its data center and disrupted its IT network. “The attack blocked almost every file in the data center. ...

  • PwnedPiper critical bug set impacts major hospitals in North America

    August 2, 2021

    Pneumatic tube system (PTS) stations used in thousands of hospitals worldwide are vulnerable to a set of nine critical security issues collectively referred to as PwnedPiper. PTS solutions are part of a hospital’s critical infrastructure as they are used to quickly deliver items like blood, tissue, lab samples, or medication to where they’re needed. Read more… Source: Bleeping ...

  • Northern Ireland’s COVID certification service suspended after data leak

    July 28, 2021

    Northern Ireland’s Department of Health (DoH) has temporarily halted its COVID-19 vaccine certification online service following a data exposure incident. Some users of COVIDCert NI app were presented with data of other users, under certain circumstances, says the Department. As seen by BleepingComputer, neither the web service nor the mobile app functionality is accessible at the time ...

  • UC San Diego Health discloses data breach after phishing attack

    July 27, 2021

    UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees’ email accounts. UC San Diego Health is one of the nation’s best hospitals, being repeatedly ranked as the best health care system in San Diego, according to the 2021-2022 U.S. ...

  • Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks

    July 2, 2021

    The healthcare industry is under attack like never before. What started as a surge in criminal activity during the early days of the coronavirus pandemic has now metastasized into a full-blown crisis within the healthcare industry worldwide. The recent disruptive ransomware attacks on Scripps Health in San Diego, Ireland’s national health service and Waikato hospitals in ...

  • The human cost of ransomware: Disruption to Irish health service will continue for months

    June 24, 2021

    Ireland’s health service faces months of disruption as it continues to recover from a ransomware attack, the head of the Health Service Executive (HSE) has warned. HSE, which is responsible for healthcare and social services across Ireland, fell victim to what was described as a “significant” ransomware attack on 14 May. The attack has been attributed to ...

  • Biden gave Putin list of 16 critical infrastructure entities ‘off limits’ to cyberattacks

    June 17, 2021

    President Biden told reporters Wednesday he gave President Vladimir Putin a list of 16 critical infrastructure entities that are “off limits” to a Russian cyberattack. Those entities include energy, water, health care, emergency, chemical, nuclear, communications, government, defense, food, commercial facilities, IT, transportation, dams, manufacturing and financial services. “We’ll find out whether we have a cybersecurity arrangement ...

  • Billions of records belonging to CVS Health exposed online

    June 16, 2021

    In another example of misconfigured cloud services impacting security, billions of records belonging to CVS Health have been exposed online. On Thursday, WebsitePlanet, together with researcher Jeremiah Fowler, revealed the discovery of an online database belonging to CVS Health. The database was not password-protection and had no form of authentication in place to prevent unauthorized entry. Upon ...

  • UF Health Florida hospitals back to pen and paper after cyberattack

    June 3, 2021

    UF Health Central Florida has suffered a reported ransomware attack that forced two hospitals to shut down portions of their IT network. The University of Florida Health, also known as UF Health, is a healthcare network of hospitals and physician practices that provide care to countries throughout Florida. Read more… Source: Bleeping Computer  

  • Swedish Health Agency shuts down SmiNet after hacking attempts

    May 31, 2021

    The Swedish Public Health Agency (Folkhälsomyndigheten) has shut down SmiNet, the country’s infectious diseases database, on Thursday after it was targeted in several hacking attempts. SmiNet, which is also used to store electronic reports with statistics on COVID-19 infections, was shut down on Thursday to investigate the attacks and was brought back online on Friday evening. Read ...

  • Indonesia’s national health insurance scheme leaks at least a million citizens’ records

    May 25, 2021

    Indonesia’s government has admitted to leaks of personal data from the agency that runs its national health insurance scheme On May 20th Kominfo, Indonesia’s Ministry of Communication and Information Technology, acknowledged it was aware of a post on notorious stolen-data-mart Raidforums offering to sell a million records leaked from the Badan Penyelenggara Jaminan Sosial (BPJS), an ...

  • FBI: Conti Ransomware Attacks Impact Healthcare and First Responder Networks

    May 20, 2021

    The FBI identified at least 16 Conti ransomware attacks targeting US healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year. These healthcare and first responder networks are among the more than 400 organizations worldwide victimized by Conti, over 290 of which are located in the U.S. ...

  • Conti ransomware gives HSE Ireland free decryptor, still selling data

    May 20, 2021

    The Conti ransomware gang has released a free decryptor for Ireland’s health service, the HSE, but warns that they will still sell or release the stolen data. Ireland’s HSE, the country’s publicly funded healthcare system, and the Department of Health were attacked by the Conti ransomware gang last Friday. Read more… Source:  Bleeping Computer  

  • Healthcare organizations in Ireland, New Zealand and Canada facing intrusions and ransomware attacks

    May 20, 2021

    Three healthcare institutions in Canada, Ireland and New Zealand are in the midst of security incidents this week, highlighting the perilous cybersecurity landscape within some of the world’s most important organizations. Ireland’s Department of Health was attacked twice in the last week, eventually shutting down their entire IT system after a ransomware attack last Thursday. The ...