Healthcare

  • Healthcare company WebTPA discloses breach affecting 2.5 million people

    May 17, 2024

    A Texas-based company that provides health insurance and benefit plans disclosed a data breach affecting almost 2.5 million people, some of whom had their Social Security number stolen. WebTPA said in a data breach notice published earlier this month that the company detected “evidence of suspicious activity” on December 28, 2023, which prompted the company to ...

  • Another cyber-attack on Australian healthcare company

    May 16, 2024

    here’s been another large-scale ransomware data breach of an Australian company…this time at an e-script provider named Medi-Secure. Medi-Secure is a prescription exchange service, which offers electronic prescribing and dispensing of prescriptions. It’s not yet known how many data records have been accessed, but experts warn that many Australians might not even know their details were ...

  • Ireland: More than 470 legal proceedings issued against health service after ransomware hit

    May 14, 2024

    More than 470 legal proceedings have been issued against the Health Service Executive (HSE) in relation to a cyber attack that shutdown the health service’s IT systems and compromised the data of thousands of patients and staff three years ago. Conti, a Russia-based cybercrime group, launched its ransomware attack on the health service on May 14th, ...

  • Tennessee: New state law to protect entities under cyber attack from class action suits amid Ascension Health hack

    May 13, 2024

    Another healthcare system is under a cyber attack, and while it’s unclear what, if any information has been accessed, a soon-to-be law will prevent those whose information may have been exposed from filing a class action lawsuit against entities that are hacked as long as the organization wasn’t grossly negligent. According to a spokesperson for Ascension ...

  • DocGo patient health data stolen in cyberattack

    May 9, 2024

    Medical health care provider DocGo has disclosed in a form 8-K that it experienced a cybersecurity incident involving some of the company’s systems. As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain protected health information. DocGo is a healthcare provider that offers ...

  • Ascension Health Becomes Latest Cyberattack Victim in Healthcare, Investigations Underway

    May 9, 2024

    Ascension Health has disclosed that after detecting “unusual activity,” that affected its clinical operations, the company contacted Mandiant, a cybersecurity firm, to investigate the cyberattack. According to Ascension Health’s official statement, the organization has processes in place to guarantee that patient care delivery remains safe and is affected as little as possible, and care staff are ...

  • UK: Cyber attack on Scots health board sees stolen data published on dark web

    May 7, 2024

    A large volume of data stolen during a cyber attack on a health board has been published by a ransomware group. Cyber criminals were able to access a significant amount of data including patient and staff-identifiable information during the attack on NHS Dumfries and Galloway which began at the end of February. Data relating to a ...

  • UnitedHealth data breach caused by lack of multifactor authentification

    May 1, 2024

    Hackers breached the computer system of a UnitedHealth Group subsidiary and released ransomware after stealing someone’s password, CEO Andrew Witty testified Wednesday on Capitol Hill. The cybercriminals entered through a portal that didn’t have multifactor authentification (MFA) enabled. During an hourslong congressional hearing, Witty told lawmakers that the company has not yet determined how many patients ...

  • Italy: SYNLAB affected by cyber-attack

    April 19, 2024

    SYNLAB AG announces that SYNLAB Italy is affected by the consequences of a cyber-attack. As a precaution and in accordance with the SYNLAB IT security procedures, all IT systems in Italy have been immediately deactivated as soon as the attack was identified in the early morning of 18 April 2024. As a result of the incident, ...

  • Change Healthcare faces another ransomware threat – and it looks credible

    April 12, 2024

    For months, Change Healthcare has faced an immensely messy ransomware debacle that has left hundreds of pharmacies and medical practices across the United States unable to process claims. Now, thanks to an apparent dispute within the ransomware criminal ecosystem, it may have just become far messier still. In March, the ransomware group AlphV, which had claimed ...

  • NHS board warns patients of further data leak after cyber attack

    April 9, 2024

    An NHS board has warned patients that further personal information could be leaked by cyber criminals who stole medical data in a major cyber attack. A large amount of confidential data was taken from NHS Dumfries and Galloway during a sustained hacking attack. Last week, INC Ransom, an extortion operation, posted a message on its dark ...

  • Massachusetts healthcare provider warns patients of data breach

    March 29, 2024

    A Massachusetts healthcare provider is warning patients of a recently discovered data breach that compromised some personal information. Brigham and Women’s Physician Organization, a Mass General Brigham Incorporated member, is notifying individuals of an incident it became aware of on Jan. 29, 2024, involving some patients’ personal information. Read more… Source: MSN News  

  • Hackers threaten to release ‘huge volume’ of stolen NHS Scotland data

    March 27, 2024

    A cybercrime group has claimed it will release a large volume of NHS Scotland data stolen during a sustained hacking attack. INC Ransom, an extortion operation, has posted a message on its dark web blog, threatening to release three terabytes – which equates to 3,000 gigabytes – of stolen health service patient and staff data. NHS ...

  • British authorities investigating the Princess of Wales medical records breach

    March 20, 2024

    British authorities said Wednesday they are investigating a possible breach of the medical records of Catherine, Princess of Wales. The Information Commissioners Office said the inquiries follow a “breach report” it had received. “We can confirm that we have received a breach report and are assessing the information provided,” it said. Read more… Source: Yahoo News  

  • Mandatory cyber requirements after Change Healthcare attack opposed by health sector

    March 18, 2024

    The American Hospital Association has opposed mandatory cybersecurity requirements proposed for the healthcare sector following the ransomware attack against Change Healthcare, which has resulted in widespread prescription processing outages across the U.S. “Imposing fines or cutting Medicare payments would diminish hospital resources needed to combat cybercrime and would be counterproductive to our shared goal of preventing ...

  • UK: NHS Dumfries and Galloway hit by cyber attack with ‘significant quantity’ of data at risk

    March 15, 2024

    NHS Dumfries and Galloway has been hit by a cyber attack, with the health board saying a “significant quantity” of data has been put at risk and services could potentially be disrupted. In a statement posted to its website on Friday, the board said the attack was “focused and ongoing” and the files accessed could include ...

  • Ransomware’s appetite for US healthcare sees known attacks double in a year

    March 15, 2024

    Following the February 21 attack on Change Healthcare, scores of people in the US have been living with the brutal, real-world effects of ransomware. Described by the American Hospital Association (AHA) President and CEO Rick Pollack as “the most significant and consequential incident of its kind against the US health care system in history,” the attack ...

  • A bug in an Irish government website exposed COVID-19 vaccination records

    March 14, 2024

    Two years ago, the Irish government fixed a vulnerability in its national COVID-19 vaccination portal that exposed the vaccination records of around a million residents. But details of the vulnerability weren’t revealed until this week after attempts to coordinate public disclosure with the government agency stalled and ended. Security researcher Aaron Costello said he discovered the ...

  • US health department opens probe into UnitedHealth hack

    March 13, 2024

    The U.S. government on Wednesday said it has opened an investigation into the cyberattack at UnitedHealth Group’s Change Healthcare to find out whether there was a breach of protected health data and if the company followed U.S. health privacy law. It is the first announcement of a probe by the Department Of Health and Human Services ...

  • Capita shares sink as outsourcing giant swings to £107m loss, takes £25m hit from cyber attack

    March 6, 2024

    Capita has incurred £25.3m in costs tied to a cyber attack last March as the outsourcing giant swung to an annual loss and ramped up its cost-cutting programme. Shares fell 16 per cent on Wednesday morning. The group, which runs key local government, military and NHS services, posted a pretax loss of £106.6m for 2023, compared ...