Browsing tag
On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in three states were hit by a ransomware attack, and in that moment, the real-world repercussions came to light—it wasn’t just computer networks that were brought to […]
The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three new downloaders have been named ODAgent, OilCheck, and OilBooster by Slovak cybersecurity company ESET. The attacks also involved the use of an updated version of a known OilRig […]
Let’s begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which commands the highest price on a dark web forum? Surprisingly, it’s the EHR, and the difference is stark: according to a study, EHRs can sell for up to $1,000 each, compared to a […]
Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, the vulnerability has been addressed in version 4.4.1 released on October 6, 2023. “This is an easily exploitable, unauthenticated remote code […]
The healthcare industry is under a constant barrage of cyberattacks. It has traditionally been one of the most frequently targeted industries, and things haven’t changed in 2023. The U.S. Government’s Office for Civil Rights reported 145 data breaches in the United States during the first quarter of this year. That follows 707 incidents a year […]
Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was “consistent with the precursors to a ransomware […]
Australian health insurance firm Medibank on Wednesday disclosed that the personal information of all of its customers had been unauthorizedly accessed following a recent ransomware attack. In an update to its ongoing investigation into the incident, the firm said the attackers had access to “significant amounts of health claims data” as well as personal data […]
In April 2022, Omnicell reported a data breach affecting nearly 62,000 patients. The company has revealed that the incident has impacted an additional 64,000 individuals. This brings the total number of patients affected to over 126,000. Will you be the next victim like Omnicell? If you are overlooking the importance of data protection, attackers can […]
In a US SEC (Securities and Exchange Commission) 8-K filing, Omnicell, the healthcare technology provider, revealed that some of its products, services, and internal systems were affected by ransomware. Upon detecting the incident, the medication management systems provider took immediate action to contain the attack and ensure continued operation. In its 10-Q form filing, Omnicell […]
In a new joint cybersecurity advisory, U.S. cybersecurity and intelligence agencies have warned about the use of Maui ransomware by North Korean government-backed hackers to target the healthcare sector since at least May 2021. “North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services—including electronic health records […]
Ghana’s National Service Secretariate – NSS – exposed 55GB worth of citizens’ data when an AWS S3 bucket used by the Secretariate suffered misconfiguration. VPNMentor’s cybersecurity researchers Noam Rotem and Ran Locar reported that Ghana’s National Service Secretariate – NSS – suffered a massive database misconfiguration that exposed data of up to 700,000 citizens from across […]
Whether you live a busy life or not, it is difficult to always be by someone’s side and to make sure that they are safe and that their needs are taken care of – This is where medical alert devices come in handy. Medical alert devices and systems have been a major part of elderly […]
At present, it is difficult to find a field of work for people in which different mechanisms and machines are not used that facilitate human labor. Probably, soon the number of such units will increase significantly, and they will be used almost everywhere. And above all, hopes for a qualitative leap in their development are […]
According to Planned Parenthood, the latest data breach has affected its Los Angeles branch (PPLA) after it suffered a ransomware attack. On Wednesday, December 1st, 2021 Planned Parenthood, the non-profit reproductive health care organization based in the United States disclosed a data breach impacting over 400,000 patients of its Los Angeles branch (Planned Parenthood Los […]
Frederick Brown, a medical data technician & administrator associated with the 65th Medical Brigade of the US Army caused millions of dollars in losses Frederick Brown, a 40-year-old resident of Las Vegas, Nevada, has been sentenced to over 12 years behind bars after pled guilty to his involvement in a fraud scheme. Reportedly, Brown defrauded […]
The shared clinical workstations in the healthcare sector are often chaotic and messy. They are used by physicians for nearly everything, from logging into the EHR system to scheduling surgery. With so much going on in such a fast-paced industry, IT teams need to be vigilant and aware of security risks. Risks of Sharing Clinical […]
High-Risk Security Flaws Found and Patched in ZOLL Defibrillator Management Software. The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has released an alert stating that multiple remote code execution vulnerabilities have been identified in software used by ZOLL, a US-based healthcare technology provider. SEE: Hackers exploiting critical vulnerabilities in Fortinet VPN – […]
Multiple security vulnerabilities have been disclosed in Philips Clinical Collaboration Platform Portal (aka Vue PACS), some of which could be exploited by an adversary to take control of an affected system. “Successful exploitation of these vulnerabilities could allow an unauthorized person or process to eavesdrop, view or modify data, gain system access, perform code execution, […]
The adversary behind Conti ransomware targeted no fewer than 16 healthcare and first responder networks in the U.S. within the past year, totally victimizing over 400 organizations worldwide, 290 of which are situated in the country. That’s according to a new flash alert issued by the U.S. Federal Bureau of Investigation (FBI) on Thursday. “The […]
Atrium Health, formerly Carolinas HealthCare System, which touted itself as ‘one of the nation’s leading and most innovative healthcare organizations’ has publicly disclosed that their system supplied by AccuDoc Solutions had a data breach between September 22 to 29, 2018 which exposed 2.65 million patient records to an unauthorized and unknown third party. The disclosure […]
The most serious breach of data in the history of Singapore happened last month when SingHealth reported that 1.5 million patient records were breached. According to Strait Times, among those affected includes Prime Minister Lee Hsien Loong, with the attackers “specifically and repeatedly targeting” his personal particulars and information of his outpatient dispensed medicines. Not […]