Tag: healthcare
-
Anna Jaques Hospital ransomware breach exposed data of 300K patients
Anna Jaques Hospital has confirmed on its website that a ransomware attack it suffered almost precisely a year ago, on December 25, 2023, has exposed sensitive health data for over 316,000 patients. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/anna-jaques-hospital-ransomware-breach-exposed-data-of-300k-patients/
-
New Atrium Health data breach impacts 585,000 individuals
Atrium Health disclosed a data breach affecting 585,000 individuals to the HHS, potentially linked to the use of online tracking tools. Healthcare company Atrium Health disclosed a data breach that impacted 585,000 individuals. The company notified the US Department of Health and Human Services (HHS). Atrium Health launched an investigation into the security breach and…
-
Insider Breach, Email Attacks Net $1.7M in HIPAA Fines
Incidents at Pain Management Firm, Pediatric Hospital Affect 50,000 People. An insider breach at a Florida pain management firm and an email breach at a Colorado pediatric hospital have resulted in more than $1.7 million in fines for HIPAA violations found by federal investigators. The two incidents affected fewer than 50,000 people. First seen on…
-
Protecting the C-Suite in the Wake of UHC CEO’s Murder
The torrents of public hostility directed at health insurers in the aftermath of UnitedHealthCare CEO Brian Thompson’s murder are serious signs of intensifying cyber and physical threats facing the C-suites of healthcare and many other sectors, said Chris Pierson, founder and CEO of BlackCloak. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/protecting-c-suite-in-wake-uhc-ceos-murder-i-5428
-
Cyberangriff auf Krankenhäuser in Großbritannien
Single cyberattack impacted three Liverpool hospitals First seen on computing.co.uk Jump to article: www.computing.co.uk/news/2024/security/single-cyberattack-impacted-three-liverpool-hospitals
-
What is PHI? (Protected Health Information)
Protected Health Information (PHI) is a critical aspect of healthcare, encompassing any data that can identify an individual and is used in the context of medical care. Examples of PHI include personal identifiers (name, address, Social Security number), medical records, health insurance information, and even communications containing health details. The post What is PHI? (Protected…
-
British hospitals hit by cyberattacks still battling to get systems back online
Children’s hospital and cardiac unit say criminals broke in via shared ‘digital gateway service’ First seen on theregister.com Jump to article: www.theregister.com/2024/12/05/hospital_cyberattack/
-
Shared digital gateway was source of three NHS ransomware attacks
Alder Hey children’s hospital confirms ransomware operators accessed its systems through a shared digital gateway, but is standing firm in the face of the gang’s demands First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366616832/Shared-digital-gateway-was-source-of-three-NHS-ransomware-attacks
-
Wirral Hospital Recovery Continues One Week After Cyber Incident
Wirral University Teaching Hospital is recovering from a cybersecurity incident that occurred on November 25, with some patient services still disrupted as systems are being restored First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/wirral-hospital-recovery-continues/
-
Preparing for 2025 Cybersecurity Warnings
Tags: attack, breach, crowdstrike, cybersecurity, data-breach, healthcare, ransomware, vulnerability2024 has been a defining year for cybersecurity. The Change Healthcare breach exposed 100+ million sensitive records, while the Crowdstrike attack affected 8.5 million systems and cost Fortune 500 companies $5.4 billion. Ransomware incidents, like the Ticketmaster breach, have also increased, while the Transport for London and NHS hacks revealed critical vulnerabilities in governmental organisations.…
-
Liverpool Children’s Hospital Confirms Cyber-Attack
Alder Hey Children’s NHS Foundation Trust said a single attack compromised the systems of three NHS entities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/liverpool-children-hospital/
-
Ransomware hackers target NHS hospitals with new cyberattacks
Two NHS trusts in England have been hacked in recent weeks, the latest attacks to hit the national health service. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/04/ransomware-hackers-target-nhs-hospitals-with-new-cyberattacks/
-
FTC bans data brokers from selling Americans’ sensitive location data
Today, the FTC banned data brokers Mobilewalla and Gravy Analytics from harvesting and selling Americans’ location tracking data linked to sensitive locations, like churches, healthcare facilities, military installations, and schools. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ftc-bans-data-brokers-from-selling-americans-sensitive-location-data/
-
Ransomware’s Grip on Healthcare
Until C-level executives fully understand potential threats and implement effective mitigation strategies, healthcare organizations will remain vulnerable and at risk of disruption. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/ransomware-grip-healthcare
-
SmokeLoader picks up ancient MS Office bugs to pack fresh credential stealer
Threat actors are using a well-known modular malware loader, SmokeLoader, to exploit known Microsoft Office vulnerabilities and steal sensitive browser credentials.The loader which runs a framework to deploy multiple malware modules, was observed by Fortinet’s FortiGuard Labs in attacks targeting manufacturing, healthcare, and IT companies in Taiwan.”SmokeLoader, known for its ability to deliver other malicious…
-
EU enacts new laws to strengthen cybersecurity defenses and coordination
Tags: ai, compliance, cyber, cybersecurity, data, defense, framework, healthcare, infrastructure, law, network, penetration-testing, privacy, regulation, risk, service, soc, technology, threat, vulnerabilityThe European Union has enacted two new laws to bolster its cybersecurity defenses and coordination mechanisms. The measures, part of the cybersecurity legislative package, include the Cyber Solidarity Act and amendments to the Cybersecurity Act (CSA).These steps aim to improve the EU’s ability to detect, prepare for, and respond to cyber threats while fostering uniformity…
-
No guarantees of payday for ransomware gang that claims to have hacked children’s hospital
What is the point of INC Ransom’s attack on Alder Hey? They are not likely to be paid, and the attack on a children’s hospital only increases the chances that they will one day find their collars felt by law enforcement. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/no-guarantees-of-payday-for-ransomware-gang-that-claims-to-have-hacked-childrens-hospital
-
Feds Propose AI ‘Guardrails’ for Medicare Advantage Plans
Provision Emphasizes Existing Medicare Regs for Equitable Access to Health Services. The Centers for Medicare and Medicaid Services has issued proposed guardrails to help ensure that the use of artificial intelligence for Medicare Advantage insurance plans does not result in inequitable access to healthcare-related services. The proposed rule will go into effect in 2026. First…
-
Why identity security is your best companion for uncharted compliance challenges
Tags: access, ai, attack, authentication, automation, business, cloud, compliance, control, cyberattack, cybersecurity, data, detection, exploit, finance, framework, GDPR, governance, government, healthcare, HIPAA, identity, india, law, least-privilege, mitigation, monitoring, privacy, regulation, risk, risk-management, service, strategy, supply-chain, technology, threat, tool, zero-trustIn today’s rapidly evolving global regulatory landscape, new technologies, environments, and threats are heightening cybersecurity and data privacy concerns. In the last year, governing bodies have taken significant steps to enact stricter compliance measures”, and more than ever, they are focusing on identity-related threats.Some notable changes include: The National Institute of Standards and Technology (NIST)…
-
Feds Propose AI ‘Guard Rails’ for Medicare Advantage Plans
Provision Emphasizes Existing Medicare Regs for Equitable Access to Health Services. The Centers for Medicare and Medicaid Services has issued proposed guard rails to help ensure that the use of artificial intelligence for Medicare Advantage insurance plans does not result in inequitable access to healthcare-related services. The proposed rule will go into effect in 2026.…
-
Cyber Incidents Hit 3 NHS Hospitals in U.K.
Inc Ransom is Leaking Stolen Data in At Least 2 Attacks, Including Pediatric Info. At least three United Kingdom National Health Service hospitals are responding to recent cyber incidents, including a children’s hospital and a heart and chest specialty hospital are both located in Liverpool and share IT systems. Inc Ransom claims to have stolen…
-
Other UK hospitals purportedly subjected to INC Ransom attack
First seen on scworld.com Jump to article: www.scworld.com/brief/other-uk-hospitals-purportedly-subjected-to-inc-ransom-attack
-
2 UK Hospitals Targeted in Separate Cyberattacks
Alder Hey Children’s Hospital got hit with a ransomware attack, while the nature of an incident at Wirral University Teaching Hospital remains undisclosed. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/two-nhs-hospitals-targeted-in-separate-cyberattacks
-
SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan
Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware.”SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide range of attacks,” Fortinet FortiGuard Labs said in a report shared with The Hacker News.”While…
-
Second Merseyside hospital hit by cyber attack
Hot on the heels of a major cyber attack at a nearby NHS trust, one of Europe’s biggest and busiest children’s hospitals is reportedly scrambling to deal with ransomware gang First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366616504/Second-Merseyside-hospital-hit-by-cyber-attack
-
AWS launches tools to tackle evolving cloud security threats
The increasing sophistication and scale of cyber threats pose a growing challenge for enterprises managing complex cloud environments. Security teams often face overwhelming volumes of alerts, fragmented workflows, and limited tools to identify and respond to attack patterns spanning multiple events.Amazon Web Services (AWS) is addressing these challenges with two significant updates to its cloud…
-
Two UK Hospitals Hit by Cyberattacks, One Postponed Procedures
Alder Hey Children’s Hospital and Wirral University Teaching Hospital have fallen victim to cyberattacks, including one involving ransomware. The post Two UK Hospitals Hit by Cyberattacks, One Postponed Procedures appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/two-uk-hospitals-hit-by-cyberattacks-one-postponed-procedures/
-
Working in critical infrastructure? Boost your effectiveness with these cybersecurity certifications
Tags: attack, automation, awareness, china, cisa, communications, compliance, control, cyber, cybersecurity, defense, finance, germany, governance, government, healthcare, HIPAA, incident response, infrastructure, international, jobs, network, PCI, privacy, ransomware, resilience, risk, risk-management, russia, sans, service, skills, soc, supply-chain, technology, training, ukraine, update, warfareHybrid warfare between nation-states is imperilling critical infrastructure around the world, both physically and electronically. Since the start of the Ukraine-Russia conflict, hybrid cyber/physical attacks on satellite and communications, energy, transportation, water, and other critical sectors have spread across Europe and beyond.Chinese perpetrators are actively infiltrating telecommunications networks in the US and abroad, according to…