• Capita cyber-attack: 90 organisations report data breaches

    May 30, 2023

    About 90 organisations have reported breaches of personal information held by Capita after the outsourcing group suffered a cyber-attack, Britain’s data watchdog has said. The company, which runs crucial services for local councils, the military and the NHS, experienced the hack, which caused a significant IT outage, in March. Read more… Source: The Guardian  

  • MCNA Dental data breach impacts 8.9 million people after ransomware attack

    May 29, 2023

    Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. MCNA Dental is one of the largest government-sponsored (Medicaid and CHIP) dental care and oral health insurance providers in the U.S. Read more… Source: Bleeping Computer  

  • Hot Pixels attack checks CPU temp, power changes to steal data

    May 27, 2023

    A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called “Hot Pixels,” which can retrieve pixels from the content displayed in the target’s browser and infer the navigation history. The attack exploits data-dependent computation times on modern system-on-a-chip (SoCs) and graphics processing units (GPUs) and ...

  • Apria Healthcare says potentially 2M people caught up in IT security breach

    May 23, 2023

    Personal and financial data describing almost 1.9 million Apria Healthcare patients and employees may have been accessed by crooks who breached the company’s networks over a series of months in 2019 and 2021. The home healthcare equipment provider, which says it serves about two million patients from 280 locations across America, said it discovered the intrusion ...

  • Data of 5.82M PharMerica patients stolen, accessed during cyberattack

    May 15, 2023

    More than 5.81 million patients tied to PharMerica have been notified that their data was accessed and stolen during a March cyberattack. The long-term care pharmacy solution provider reported the breach to the Office of the Maine Attorney General on May 12. On March 14, PharMerica “learned of suspicious activity” on its network and worked to ...

  • North Korean hackers breached major hospital in Seoul to steal data

    May 10, 2023

    The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country’s largest hospitals, Seoul National University Hospital (SNUH), to steal sensitive medical information and personal details. The incident occurred between May and June 2021, and the police conducted an analytical investigation during the past two years to ...

  • IT giant Bitmarck shuts down customer, internal systems after cyberattack

    May 1, 2023

    German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. The company, one of the largest service providers for German health insurers, said no customer, patient, or insured individuals’ data had been accessed in the security breach — at least not according ...

  • CISA Releases One Industrial Control Systems Medical Advisory

    April 27, 2023

    CISA released one Industrial Control Systems Medical (ICS) medical advisory on April 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS medical advisory for technical details and mitigations Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Releases ...

  • Failed IT systems at Capita fuel fears of cyber-attack on crucial NHS provider

    March 31, 2023

    Computer systems have abruptly stopped working at the outsourcing group Capita, knocking out council phone lines and triggering fears that the company that runs crucial operations for the NHS and the military could be under cyber-attack. Capita staff are understood to have been unable to access IT systems since the early hours of Friday, and an ...

  • UK Government sets out strategy to protect NHS from cyber attacks

    March 22, 2023

    The government will provide a plan to promote cyber resilience across the health and care sectors by 2030, protecting both services and patients. New strategy sets out 5 key ways to build cyber resilience in health and care by 2030 Cyber strategy will protect health and adult social care functions and services, which the whole nation depends ...

  • KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks

    March 17, 2023

    In the last year, geopolitical tension has led to an uptick of reported cybercrime events fueled by hacktivist groups. The US Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn organizations about these attacks and teamed with the FBI on a distributed denial-of-service (DDoS) response strategy guide. KillNet, a group that the US ...

  • Hydrochasma: Previously unknown group targets medical and shipping organizations in Asia

    February 22, 2023

    Shipping companies and medical laboratories in Asia are being targeted in a likely intelligence-gathering campaign that relies exclusively on publicly available and living-off-the-land tools. Hydrochasma, the threat actor behind this campaign, has not been linked to any previously identified group, but appears to have a possible interest in industries that may be involved in COVID-19-related treatments ...

  • Ransomware crooks steal 3m+ patients’ medical records, personal info

    February 11, 2023

    Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December. According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, ...

  • #StopRansomware – Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities

    February 10, 2023

    CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and Republic of Korea’s Defense Security Agency and National Intelligence Service have released a joint Cybersecurity Advisory (CSA), Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities, to provide information on ransomware activity used by North ...

  • UK cracks down on ransomware actors

    February 9, 2023

    seven Russian nationals have assets frozen and travel bans imposed ransomware is a tier 1 national security threat, with attacks against businesses and public sector organisations increasingly common. Recent victims include UK schools, local authorities and firms – whilst internationally the Irish Health Service Executive, Costa Rican government and American healthcare providers were targeted new campaign of ...

  • ‘Real arms race’ on defending Irish health system against cyber attacks

    February 9, 2023

    There is a “real arms race” between cyber attackers and efforts to defend Irish health systems, a committee has heard. The Public Accounts Committee also heard that 32,000 letters had been issued in recent weeks to patients, clients and staff affected by the 2021 Health Service Executive (HSE) cyber attack. Read more… Source:  

  • Tallahassee Memorial hospital victim of suspected ransomware attack

    February 3, 2023

    Tallahassee Memorial HealthCare is postponing all non-emergency patient procedures as officials manage an Information Technology security issue that occurred late Thursday night, according to a memo from the hospital. The IT security breach is a suspected ransomware attack, according to sources with knowledge of the situation. Read more… Source: Florida Politics  

  • North Korean hackers stole research data in two-month-long breach

    February 2, 2023

    A new cyber espionage campaign dubbed ‘No Pineapple!’ has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction. The campaign lasted between August and November 2022, targeting organizations in medical research, healthcare, chemical engineering, energy, defense, and a leading ...

  • University of Iowa Hospitals website possibly hit by cyberattack

    February 1, 2023

    A Russian hacking group has claimed to have taken down the University of Iowa Hospitals and Clinics website, along with the websites of dozens of other hospitals nationwide. UIHC has acknowledged its website is down Tuesday afternoon and its IT staff is investigating the cause but could not confirm whether it was the result of a ...

  • University of Michigan Health says cyber attack impacted public websites, not patient info

    January 30, 2023

    Michigan Health officials say its public websites experienced issues due to a cyber attack but claims the issue did not impact patient information. In a statement on Monday, officials say the attack affected a “third-party vendor we use to host some of our sites.” Read more… Source: CBS Detroit News