Healthcare

June 4, 2019

A massive data breach has struck Quest Diagnostics and the information of up to 11.9 million patients has potentially been compromised. On Monday, the US clinical laboratory said that American Medical Collection Agency (AMCA), a billing collections provider that works with Quest, informed the company that an unauthorized user had managed to obtain access to AMCA systems. Through the ...

April 22, 2019

The information includes data on all rehab treatments and procedures, linked with patients’ names and other info. As if wrestling with addiction and recovery weren’t difficult enough, tens of thousands of patients of a rehab clinic in Pennsylvania may find their personal information hijacked and manipulated by identity thieves or extortionists. An ElasticSearch database that was left ...

April 4, 2019

German firm detected hacker code and covertly monitored it for over a year, before clearing it from network Security officials at the German multinational pharmaceutical and life sciences giant Bayer AG seem to be on the ball after they detected and then contained a cyber attack. It is reported that the Winnti hacking group had gained access ...

March 22, 2019

The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely, potentially putting lives of millions of patients at risk. Cardioverter Defibrillator is a small surgically implanted device (in patients’ chests) that gives a patient’s heart an ...

February 26, 2019

The IoT world has long since grown beyond the now-ubiquitous smartwatches, smartphones, smart coffee machines, cars capable of sending tweets and Facebook posts and other stuff like fridges that send spam. Today’s IoT world now boasts state-of-the-art solutions that quite literally help people. Take, for example, the biomechanical prosthetic arm made by Motorica Inc. This ...

February 21, 2019

Employees of Melbourne Heart Group in Malvern, Australia, have been unable to access patients’ medical records following a January ransomware attack that encrypted the health care provider’s files. The cardiology clinic disclosed the incident today on its website’s home page. “We have been assured that no patient’s privacy has been compromised in any way,” the statement reads. ...

January 19, 2019

The NHS in Cumbria has been hit by more than 150 cyber attacks in five years, the BBC can reveal. Of these, 147 were directed at University Hospitals of Morecambe Bay NHS Trust (UHMBT), which runs hospitals in Barrow, Kendal, Morecambe and Lancaster. The trust said it had spent £29,600 in 2017 dealing with the effects of ...

November 21, 2018

Three years ago, artificial intelligence company DeepMind embarked on a landmark effort to transform health care in the U.K. Now plans by owner Alphabet Inc. to wrap the partnership into its Google search engine business are tripping alarm bells about privacy. Data protection advocates cried foul when the company reversed course on an earlier pledge to keep DeepMind ...

November 7, 2018

During the third quarter of 2018 ransomware attacks were at an all-time high and the ransoms asked from organizations to decrypt the locked files were also on the rise according to a report from Beazley Breach Response (BBR) Services. According to their analysis, the number of ransomware attacks more than doubled during September when compared to ...

October 20, 2018

A hack was detected earlier this month in a government computer system that works alongside HealthCare.gov, exposing the personal information of approximately 75,000 people, according to the agency in charge of the portal. In a statement to CNN, the Centers for Medicare and Medicaid Services (CMS) said the system that was exposed through the hack was ...

September 28, 2018

International health insurance business Bupa has been fined £175,000 after a staffer tried to sell more than half a million customers’ personal information on the dark web. The miscreant was able to access Bupa’s CRM system SWAN, which holds records on 1.5 million people, generate and send bulk data reports on 547,000 Bupa Global customers to ...

September 3, 2018

More than half of all healthcare data breaches reported during 2017 could be traced back to people on the inside of victim organisations, according to an annual study by Verizon. The company’s latest Protected Health Information Data Breach Report (PHIDBR) looked at 1,368 mostly US examples, identifying 782 (57.5 per cent) as having an insider element. A ...

August 20, 2018

Hackers could gain access to NHS networks by exploiting vulnerabilities in fax machines, security researchers have suggested. Staff at Check Point Software discovered exploits in widely-used fax machines that enable hackers to spread malware through a malicious image file. Malware can be coded into the image file which, when decoded by the fax machine and uploaded to its ...

August 17, 2018

The unpatched flaw would allow a bad actor to execute information-exfiltrating malware, backdoors, ransomware or any other kind of bad code he or she chose. A vulnerability in the Philips IntelliSpace Cardiovascular (ISCV) line of medical data management products would allow privilege escalation and arbitrary code execution – opening the door for an attacker to siphon ...

August 11, 2018

In recent years there has been more attention paid to the security of medical devices; however, there has been little security research done on the unique protocols used by these devices. Many of the insulin pumps, heart monitors and other gadgets found in hospital rooms use aging protocol to communicate with nurses’ stations and doctors; ...

August 7, 2018

A MongoDB database was exposed online that contained health care information for 2 million patients in Mexico. This data included information such as the person’s full name, gender, date of birth, insurance information, disability status, and home address. The database was discovered by security researcher Bob Diachenko via Shodan, which is a search engine for all Internet connected devices and not just web ...

July 20, 2018

Singapore’s largest healthcare group, SingHealth, has suffered a massive data breach that allowed hackers to snatch personal information on 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018. SingHealth is the largest healthcare group in Singapore with 2 tertiary hospitals, 5 national specialty , and eight polyclinics. According to an advisory released by Singapore’s Ministry ...

July 11, 2018

Why are hackers selling medical records of deceased patients? It is no shocker medical records are a prime target for cybercriminals. But less intuitive is the market for medical records of the deceased on the dark web. We took a closer look at the reason behind this strange trend. Here is what we found. First off, despite ...

April 30, 2018

A slew of devices from medical technology company Becton, Dickinson and Company (BD) are vulnerable to the infamous KRACK key-reinstallation attack, potentially enabling hackers to change and exfiltrate patient records. The KRACK vulnerability, discovered last October, is an industry-wide glitch in the WPA and WPA2 protocol for securing Wi-Fi that can cause “complete loss of control over data,” ...

April 23, 2018

Symantec has identified a new attack group dubbed Orangeworm deploying the Kwampirs backdoor in a targeted attack campaign against the healthcare sector and related industries. Symantec has identified a previously unknown group called Orangeworm that has been observed installing a custom backdoor called Trojan.Kwampirs within large international corporations that operate within the healthcare sector in the United States, ...