A May ransomware attack on Ascension, a U.S. healthcare giant with more than 140 hospitals and dozens of senior living facilities, allowed hackers to steal personal and sensitive health information on 5.6 million patients, according to a new filing with Maine’s attorney general.
The cyberattack caused widespread disruption across its hospital system, with some staff describing harrowing lapses in healthcare as a result, including delayed or lost lab results, and medication errors. The Black Basta gang was blamed for the attack, which saw the group steal patients’ medical information, like dates of service, lab tests, and procedure codes; payment information, such as credit card and bank account numbers.
Read more…
Source: TechCrunch News
Related:
- Albanian Army to establish a unit for cyber defense
December 29, 2021
The Department of Defense has launched a project in collaboration with US military cyber security partners, creating greater protection against external attacks that may occur in the future. This was announced by the Minister of Defense, Niko Peleshi from Elbasan during the question about the scandal with the publication of salaries and personal data of over ...
- Phishing incident causes data breach at West Virginia hospitals
December 22, 2021
A hospital system in West Virginia has suffered a data breach resulting from a phishing attack, which gave hackers access to several email accounts. Monongalia Health System — which runs Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company — said that hackers had access to several email accounts from May 10 to August ...
- Russian hackers made millions by stealing SEC earning reports
December 21, 2021
A Russian national working for a cybersecurity company has been extradited to the U.S. where he is being charged for hacking into computer networks of two U.S.-based filing agents used by multiple companies to file quarterly and annual earnings through the Securities and Exchange Commissions (SEC) system. Along with other conspirators, the individual made millions of ...
- Readout Of CISA Call With Critical Infrastructure Partners On Log4j Vulnerabilities And The Need For Increased Vigilance This Holiday Season
December 20, 2021
WASHINGTON – This afternoon, the Cybersecurity and Infrastructure Security Agency (CISA) held a call with critical infrastructure entities from the public and private sectors to emphasize the importance of remaining vigilant against cyber threats over the holiday season, particularly with the widespread exploitation of vulnerabilities in the Log4j software, which pose a severe risk to ...
- CISA Issues Emergency Directive Requiring Federal Agencies To Mitigate Apache Log4j Vulnerabilities
December 17, 2021
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive (ED) 22-02 today requiring federal civilian departments and agencies to assess their internet-facing network assets for the Apache Log4j vulnerabilities and immediately patch these systems or implement other appropriate mitigation measures. This Directive will be updated to further drive additional mitigation actions. The directive is in response to the active exploitation by multiple threat actors of vulnerabilities found in the widely used Java-based ...
- US federal agency compromised in suspected APT attack
December 17, 2021
A sophisticated threat actor has gained access and has backdoored the internal network of a US federal government agency. The security firm did not name the agency in its report, but The Record understands that the target of the attack was the United States Commission on International Religious Freedom (USCIRF). According to its website, the USCIRF is ...