A May ransomware attack on Ascension, a U.S. healthcare giant with more than 140 hospitals and dozens of senior living facilities, allowed hackers to steal personal and sensitive health information on 5.6 million patients, according to a new filing with Maine’s attorney general.
The cyberattack caused widespread disruption across its hospital system, with some staff describing harrowing lapses in healthcare as a result, including delayed or lost lab results, and medication errors. The Black Basta gang was blamed for the attack, which saw the group steal patients’ medical information, like dates of service, lab tests, and procedure codes; payment information, such as credit card and bank account numbers.
Read more…
Source: TechCrunch News
Related:
- Progress Software Releases Security Advisory for MOVEit Transfer
June 1, 2023
Progress Software has released a security advisory for a SQL injection vulnerability (CVE-2023-34362) in MOVEit Transfer—a Managed File Transfer Software. A cyber threat actor could exploit this vulnerability to take over an affected system. CISA urgers users and organizations to review the MOVEit Transfer Advisory. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academia, and Media
June 1, 2023
The Federal Bureau of Investigation (FBI), the U.S. Department of State, and the National Security Agency (NSA), together with the Republic of Korea’s National Intelligence Service (NIS), National Police Agency (NPA), and Ministry of Foreign Affairs (MOFA), are jointly issuing this advisory to highlight the use of social engineering by Democratic People’s Republic of Korea ...
- Amazon’s Ring doorbell was used to spy on customers, FTC says in privacy case
June 1, 2023
A former employee of Amazon’s Ring doorbell camera unit spied on female customers for months in 2017 with cameras placed in bedrooms and bathrooms, the Federal Trade Commission said in a court filing on Wednesday when it announced a $5.8m settlement with the company over privacy violations. Amazon also agreed to pay $25m to settle allegations ...
- MCNA Dental data breach impacts 8.9 million people after ransomware attack
May 29, 2023
Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. MCNA Dental is one of the largest government-sponsored (Medicaid and CHIP) dental care and oral health insurance providers in the U.S. Read more… Source: Bleeping Computer
- New York county still dealing with ransomware eight months after attack
May 29, 2023
The fallout from an eight-month-old cyber attack on a county in Long Island, New York has devolved into mud-slinging as leaders try to figure out just what is going on. Suffolk County was hit with a ransomware attack in early September 2022, which led county executive Steve Bellone to issue nine separate emergency declarations, Long ...
- Hot Pixels attack checks CPU temp, power changes to steal data
May 27, 2023
A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called “Hot Pixels,” which can retrieve pixels from the content displayed in the target’s browser and infer the navigation history. The attack exploits data-dependent computation times on modern system-on-a-chip (SoCs) and graphics processing units (GPUs) and ...