- Nearly 1M Medicare beneficiaries potentially affected after data breach
September 10, 2024
Nearly 1 million Medicare beneficiaries are being warned that their personal information may have been compromised in a cybersecurity incident last year. The Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS), the contractor that utilized the affected MOVEit software, said last week that 946,801 people on Medicare were notified that ...
- Tropic Trooper spies on government entities in the Middle East
September 5, 2024
Tropic Trooper (also known as KeyBoy and Pirate Panda) is an APT group active since 2011. This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong. Kaspersky recent investigation has revealed that in 2024 they conducted persistent campaigns targeting a government entity in the Middle ...
- #StopRansomware: RansomHub Ransomware
August 29, 2024
The Federal Bureau of Investigation (FBI) and partners are releasing this joint advisory to disseminate known RansomHub ransomware IOCs and TTPs. These have been identified through FBI threat response activities and third-party reporting as recently as August 2024. RansomHub is a ransomware-as-a-service variant—formerly known as Cyclops and Knight—that has established itself as an efficient and successful ...
- How the ransomware attack at Change Healthcare went down: A timeline
August 17, 2024
A ransomware attack earlier this year on UnitedHealth-owned health tech company Change Healthcare likely stands as one of the largest data breaches of U.S. health and medical data in history. Months after the February data breach, a “substantial proportion of people living in America” are receiving notice by mail that their personal and health information was ...
- Kootenai Health cyber attack impacts 464,000 patients
August 15, 2024
US healthcare provider Kootenai Health has revealed that data belonging to 464,000 patients has been compromised following a cyber attack. The non-profit health system, based in Coeur d’Alene, Idaho, said it was alerted to a potential data breach in March 2024 after noticing “unusual activity that disrupted access to certain IT systems”. Following an investigation, Kootenai ...
- Advanced fined £6m over stolen patient data in 2022 cyber attack
August 7, 2024
The Information Commissioner’s Office (ICO) has imposed a £6.09 million fine on software provider Advanced following an initial finding that it failed to implement measures to protect the personal information of almost 83,000 people. A number of health and care systems delivered by Advanced first experienced major outages on 4 August 2022, disrupting several critical services ...
- Operation Giant Financial Storm Under Circuit Breaker Orders
August 2, 2024
Since 2022, the BerBeroka group has been mentioned in every annual report released by the QiAnXin Threat Intelligence Center. The group was disclosed by QiAnXin friendly company Trend Micro. QiAnXin researchers have continued to track it under this name after merging internal groups. In fact, BerBeroka is the same as group such as DRBControl and TAG33 . ...
- Pharma giant Cencora is alerting millions about its data breach
August 2, 2024
Cencora has so far notified over a million people around the U.S. that their personal and protected health information was compromised in a data breach earlier this year. The pharmaceutical giant in May said that a February incident resulted in the compromise of patients’ data, which Cencora obtained through partnerships with drug makers it works with ...
- Optus and Medibank Data Breach Cases Allege Cyber Security Failures
August 2, 2024
2022 was a big year for cyber security breaches in Australia. Both telecommunications provider Optus and private health insurer Medibank suffered large-scale data breaches affecting tens of millions of Australians, leading to heightened regulatory and business focus on cyber security in the years since. The two data breaches also led to legal action, with recent court ...
- OneBlood hit by ransomware attack, tells hospitals to activate critical shortage alerts
August 1, 2024
Nonprofit medical organization OneBlood, which plays a crucial role in serving facilities across the Southeastern US, has been targeted in a ransomware attack which caused an IT systems outage, causingover 250 hospitals to activate critical blood shortage protocols. The move disrupted services across multiple US states, with the organization operating at a ‘significantly reduced capacity’ – ...
- The Proliferation of Cellular in IoT
July 30, 2024
Analysis of Cellular Based Internet of Things (IoT) Technology is a new whitepaper co-authored by Rapid7 principal security researcher Deral Heiland and Thermo Fisher Scientific lead product security researcher Carlota Bindner. In this new research, the authors dive deep into the fairly recent uptick in the use of cellular communications in IoT-based devices like GPS trackers ...
- Intruders at HealthEquity rifled through storage, stole 4.3M people’s data
July 29, 2024
HealthEquity, a US fintech firm for the healthcare sector, admits that a “data security event” it discovered at the end of June hit the data of a substantial 4.3 million individuals. Stolen details include addresses, telephone numbers and payment data.… The incident began in March but was only detected in June. The company said in a ...
- EU to toughen cyberattack defence strategy for healthcare sector
July 24, 2024
Political Guidelines 2024-2029 published before Von der Leyen’s reappointment as president of the EU executive last week included suggested a new action plan on cybersecurity of hospitals and healthcare providers will be presented in the first 100 days of the new mandate. The Guidelines were published a day before a massive IT outage brought hospitals and ...
- CrowdStrike Took Down Australia And Half The World Now Facing Massive Compensation Claims
July 19, 2024
The reputation of a Company that describes themselves as one of the world’s best cyber security Companies is in tatters tonight, with the US business facing the potential of being sued by hundreds of business including major retailers in Australia and insurance Companies looking to claw back payouts for lost income, airline delays and customers ...
- What Is CrowdStrike? Security Company Implicated In Online Outage
July 19, 2024
CrowdStrike is a company that provides cloud-based online security solutions. Its software is used by some of the largest players in cloud services, including Amazon’s AWS. CrowdStrike has also been implicated in the global outage that has impacted retailers, airlines, media companies and more. The company’s co-founder has acknowledged the issue, and says a fix has ...
- Microsoft IT outage linked to cyber security firm Crowdstrike hits airlines, railways, NHS and media outlets globally
July 19, 2024
The ‘most serious IT outage the world has ever seen’ sparked global chaos today – with planes and trains grounded, the NHS disrupted, shops closed, football teams unable to sell tickets and banks and TV channels knocked offline. The devastating technical fault caused Windows computers to suddenly shut down, prompting departure boards to immediately turn off ...
- MediSecure reveals 12.9 million Australians had personal data stolen in cyber attack earlier this year
July 18, 2024
eScript provider MediSecure has revealed the personal data of 12.9 million Australians was stolen by hackers earlier this year, making it one of the largest cyber breaches in Australian history. MediSecure, which facilitates electronic prescriptions and dispensing, confirmed it was the victim of a large-scale data breach in May. The company had previously not disclosed how ...
- Rite Aid confirms data breach following ransomware attack
July 15, 2024
American drugstore chain Rite Aid has confirmed that last month’s ransomware attack resulted in data theft. In a statement, the company said it was currently investigating the cyberattack, and is working on sending out data breach notifications to affected customers. “Rite Aid experienced a limited cybersecurity incident in June, and we are finalizing our investigation. We ...
- NHS remains vulnerable to further cyber-attacks
July 8, 2024
A leading cybersecurity expert has warned that the NHS remains vulnerable to further cyber-attacks unless it updates its computer systems. This stark assessment comes in the wake of a major ransomware attack that has severely disrupted healthcare services across London. Prof Ciaran Martin, the founding CEO of the UK’s National Cyber Security Centre (NCSC), told the ...
- Yet another top US healthcare service provider has been hacked, with patient data exposed
July 4, 2024
Following the likes of ChangeHealthcare, Kaiser, Cencora, and several others during the past few months, another major US healthcare service has reported suffering a cyberattack that resulted in the theft of sensitive patient data. This latest victim is HealthEquity, which was on the receiving end of an apparent supply chain attack. In an 8-K form, filed ...