Following the likes of ChangeHealthcare, Kaiser, Cencora, and several others during the past few months, another major US healthcare service has reported suffering a cyberattack that resulted in the theft of sensitive patient data.
This latest victim is HealthEquity, which was on the receiving end of an apparent supply chain attack. In an 8-K form, filed with the US Securities and Exchange Commission (SEC) earlier this week, HealthEquity reported how earlier this year, as it was routinely monitoring its systems, it discovered “anomalous behavior by a personal use device belonging to a business partner.”
Read more…
Source: MSN News
Related:
- British Columbia: Clients of Indigenous health authority react to ransomware attack
October 9, 2024
The First Nations Health Authority (FNHA) in British Columbia says it has concluded its investigation into a ransomware attack in May, but some clients remain concerned about the theft of their medical and personal information. The FNHA said it “uncovered evidence that health insurance plan billing data, procurement contracts, business contracts, FNHA budgets, cheques, information on ...
- Awareness of Cyber Risks to Healthcare Organizations is not Always Translating to Adequate Protections
October 8, 2024
Despite growing awareness and widespread acknowledgment of the impact of cyber threats facing the healthcare industry, many within it are still struggling to keep them at bay. The third annual Ponemon Institute Report, commissioned by Proofpoint, found that 92% of US healthcare organizations surveyed experienced at least one cyber attack in the past 12 month, with ...
- Cyber Security Bill will prevent future attacks on NHS
October 2, 2024
New legislation to improve UK cyber defences and protect public services will prevent attacks similar to the ransomware attack impacting London hospitals, according to the Department of Science, Innovation and Technology (DSIT). The Cyber Security and Resilience Bill, which is due to be introduced to Parliament in 2025, was first announced in the King’s Speech on ...
- Storm-0501: Ransomware attacks expanding to hybrid cloud environments
September 26, 2024
Microsoft has observed the threat actor tracked as Storm-0501 launching a multi-staged attack where they compromised hybrid cloud environments and performed lateral movement from on-premises to cloud environment, leading to data exfiltration, credential theft, tampering, persistent backdoor access, and ransomware deployment. The said attack targeted multiple sectors in the United States, including government, manufacturing, transportation, and ...
- Australia’s biggest medical imaging provider I-MED data breach exposes tens of thousands of patient files
September 26, 2024
Tens of thousands of patients from Australia’s biggest medical imaging provider I-MED have had swaths of sensitive health and personal information exposed in a data breach using details that have been public for a year. This information includes medical reports, scan images, names, addresses and other details that were stored in I-MED’s internal systems, which were ...
- ‘Two-factor authentication may have stopped Synnovis cyber attack’
September 25, 2024
The cyber attack on pathology provider Synnovis could have been prevented by two-factor authentication, according to Beverley Bryant, strategic advisor in the frontline digitisation team at NHS England. Speaking at the Health Excellence Through Technology (HETT) conference on 24 September 2024, in a session titled ‘Best practice in cyber security: Achieving excellence in the health and ...