Tag: healthcare
-
Critical infrastructure under attack: Flaws becoming weapon of choice
Tags: access, attack, authentication, breach, china, citrix, communications, control, cve, cyber, cybersecurity, dark-web, data-breach, defense, exploit, flaw, fortinet, government, group, hacker, healthcare, ibm, identity, incident, infrastructure, intelligence, iran, kev, login, mfa, monitoring, moveIT, network, ransomware, risk, service, software, strategy, supply-chain, threat, update, vpn, vulnerability, zero-dayTrade in exploit code: IBM’s X-Force found four of the 10 most mentioned common vulnerabilities and exposures (CVEs) on the dark web were linked to sophisticated threat actor groups, including nation-state intelligence agencies.”Exploit codes for these CVEs were openly traded on numerous forums, fueling a growing market for attacks against power grids, health networks, and…
-
A handy list of risk questions every healthcare CISO should ask potential suppliers
First seen on scworld.com Jump to article: www.scworld.com/perspective/a-handy-list-of-risk-questions-every-healthcare-ciso-should-ask-potential-suppliers
-
Kettering Health hit by system-wide outage after ransomware attack
Kettering Health, a healthcare network that operates 14 medical centers in Ohio, was forced to cancel inpatient and outpatient procedures following a cyberattack that caused a system-wide technology outage. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kettering-health-hit-by-system-wide-outage-after-ransomware-attack/
-
Kettering Health Experiences System-Wide Outage Due to Ransomware Attack
Kettering Health, a major healthcare provider, has been hit by what appears to be a ransomware attack causing a system-wide technology outage that has severely limited access to critical patient care systems. The attack, which began early Tuesday, May 20, has forced the organization to cancel all elective procedures and has impacted their call center…
-
Free to Choose the Right Security for Your Cloud
Is Choosing Cloud Security a Complex Task? From financial services and healthcare to DevOps and SOC teams, businesses across sectors are grappling with the complexity of managing Non-Human Identities (NHIs). NHIs, essentially machine identities, are a critical component of an organization’s cybersecurity. They play a pivotal role in reducing threats by securing both the machine……
-
Breaches at Serviceaide, Nationwide Recovery Services expose medical info of more than 500,000 people
Hospitals tied to the two companies announced breaches over the last week involving Social Security numbers, financial information and sensitive health insurance data. First seen on therecord.media Jump to article: therecord.media/breaches-serviceaide-nationwide-medical-info
-
Debt Collector Hack Affects Long List of Clients, Patients
Healthcare Providers Are Among Nationwide Recovery Service Data Breach Victims. A 2024 hacking incident at a debt collection firm has affected a growing list of clients and at least hundreds of thousands of individuals so far, including 210,000 patients of Harbin Clinic in Georgia and nearly 90,000 patients of Texas-based Vitruvian Health, also known as…
-
Fake clinics used in healthcare phishing scam
First seen on scworld.com Jump to article: www.scworld.com/brief/fake-clinics-used-in-healthcare-phishing-scam
-
Healthcare Sector Faces Growing Cyber Threats Amid Expanding Attack Surface
First seen on scworld.com Jump to article: www.scworld.com/brief/healthcare-sector-faces-growing-cyber-threats-amid-expanding-attack-surface
-
Healthcare cyber incidents surged last year, report finds
First seen on scworld.com Jump to article: www.scworld.com/brief/healthcare-cyber-incidents-surged-last-year-report-finds
-
Health Care Data Breach Costs BreachForums Admin $700,000 Fine
Conor Brian Fitzpatrick, the 22-year-old former administrator of cybercrime forum Breachforums, will forfeit approximately $700,000 to settle a civil lawsuit stemming from a healthcare data breach. The settlement marks a rare instance where a cybercriminal’s assets will directly compensate victims of a data breach. Fitzpatrick, known online as >>Pompompurin,
-
Cyberangriff auf eine Klinik in Russland
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack First seen on therecord.media Jump to article: therecord.media/russia-hospital-shutdown-lecardo
-
Agentic AI Tech Firm Says Health Data Leak Affects 483,000
Serviceaide Incident Exposed Patient Data of Catholic Health, a NY-Based Client. Serviceaide, a provider of agentic AI-based IT management and workflow software, reported to regulators that an inadvertent exposure of data on the web has affected more than 483,000 patients of client Catholic Health, a network of six hospitals and dozens of other facilities in…
-
Human Rights Group’s Complaint Forms Exposed on Internet
Australian Human Rights Commission Detected Leak of 670 Online Forms After a Month. The Australian Human Rights Commission said unprotected online complaint forms exposed the personal, healthcare and demographic information of Australians to the public internet for over a month. The data leak exposed 670 complaints and nominations online. First seen on govinfosecurity.com Jump to…
-
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack
Authorities in the republic of Chuvashia confirmed attackers targeted software used to manage patient records and medical histories. First seen on therecord.media Jump to article: therecord.media/russia-hospital-shutdown-lecardo
-
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack
Authorities in the republic of Chuvashia confirmed attackers targeted software used to manage patient records and medical histories. First seen on therecord.media Jump to article: therecord.media/russia-hospital-shutdown-lecardo
-
Prescription for disaster: Sensitive patient data leaked in Ascension breach
Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals. First seen on fortra.com Jump to article: www.fortra.com/blog/prescription-disaster-sensitive-patient-data-leaked-ascension-hack
-
Healthcare Cyber-Attacks Intensify, Sector Now Prime Target
New data from Darktrace showed that cyber-attacks targeting healthcare organizations increased in intensity in 2024 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/healthcare-cyber-attacks-intensify/
-
Building Confidence in Your Cybersecurity Strategy
Why is a Comprehensive Cybersecurity Strategy Essential? A robust cybersecurity strategy is no longer a luxury but a necessity. Whether it is financial services, healthcare, or travel, organizations are making significant shifts to the digital domain. It has become critical to safeguard sensitive data from threats and risks. But how can businesses build confidence in……
-
Netgain Technology Pays $1.9M in Data Breach Settlement
Financially Strapped Cloud Services Firm Settles Suit From 2020 Patient Data Hack. A financially strapped cloud services vendor that experienced a 2020 ransomware attack affecting dozens of healthcare sector clients and hundreds of thousands of patients has agreed to a $1.9 million settlement in proposed class action litigation involving the data theft case. First seen…
-
Interlock Ransomware Targeting Defense Contractors and Supply Chain Networks
The Interlock Ransomware group has emerged as a significant adversary targeting defense contractors and their intricate supply chain networks. First identified in September 2024, Interlock has rapidly shifted from opportunistic attacks across sectors like healthcare and technology to highly targeted assaults on the defense industrial base. A recent attack on National Defense Corporation (NDC) and…
-
Endemic Ransomware Prompts NHS to Demand Supplier Action on Cybersecurity
The voluntary cybersecurity charter asks NHS suppliers to commit to eight cybersecurity pledges, amid rising attacks on healthcare First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/endemic-ransomware-nhs-supplier/
-
Nation-State Actors Target Healthcare Institutions to Sabotage IT and OT Systems
The nation-state actors have increasingly set their sights on healthcare institutions worldwide, launching sophisticated cyberattacks aimed at disrupting both Information Technology (IT) and Operational Technology (OT) systems. These attacks, often orchestrated by state-sponsored groups with significant resources, pose a severe threat to patient safety, data integrity, and the operational continuity of critical healthcare services. Cybersecurity…
-
Healthcare Cyberattacks in 2024 Expose 276 Million Patient Records Compromised
The healthcare sector faced an unprecedented wave of cyber threats, with a staggering 92% of organizations reporting at least one cyberattack. This alarming statistic resulted in the compromise of over 276 million patient records, equating to approximately 758,000 records breached daily. The fallout from these breaches has been profound, with victims of medical identity theft…
-
Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns
Tags: cyber, espionage, group, healthcare, korea, military, service, software, supply-chain, technologyA cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors.Cybersecurity firm Trend Micro said the first wave, codenamed VENOM, mainly targeted software service providers,…
-
Ascension: Software Exploit Breach Affects Nearly 440,000
Former Business Partner’s Third-Party Software at Center of Hospital Chain’s Incident. Ascension Health is notifying nearly 440,000 patients of a breach involving a former business partner and exploit of a third-party software flaw. Some experts speculate the incident involved Cleo managed file transfer software. The breach is one of several Ascension experienced in recent months.…
-
The rise of vCISO as a viable cybersecurity career path
Tags: advisory, business, ceo, cio, ciso, compliance, computer, control, country, cyber, cybersecurity, government, grc, group, guide, healthcare, incident response, infrastructure, ISO-27001, jobs, mobile, network, nist, risk, risk-assessment, risk-management, service, skills, strategy, technology, tool, trainingDamon Petraglia, vCISO and CISO on demand Blue Mantis Damon Petraglia A long-time cybersecurity pro with chops built up in the federal government world and through forensic investigation work, Damon Petraglia works as a vCISO and CISO on demand for the IT services firm Blue Mantis.”Where I am today as a vCISO is a culmination…
-
Mature But Vulnerable: Pharmaceutical Sector’s Cyber Reality
Pharmaceutical companies typically have more mature cyber programs than other healthcare factions, but these firms also face unique risks involving their large attack surfaces, complex manufacturing, supply chains and sensitive intellectual property, said Joshua Mullen of Booz Allen Hamilton. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/mature-but-vulnerable-pharmaceutical-sectors-cyber-reality-i-5476
-
Ascension says recent data breach affects over 430,000 patients
Ascension, one of the largest private healthcare systems in the United States, has revealed that a data breach disclosed last month affects the personal and healthcare information of over 430,000 patients. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ascension-says-recent-data-breach-affects-over-430-000-patients/