City of Hope Phishing Attack Impacts 3,400 Patients
Aug14

City of Hope Phishing Attack Impacts 3,400 Patients

A recent City of Hope phishing attack has potentially resulted in the PHI of 3,400 patients being accessed by cybercriminals. City of Hope employees were sent phishing emails on May 31 and June 2, 2017. Four employees responded to the emails and disclosed their email credentials to the attackers. Four email accounts were accessed by the attackers. While the email accounts contained sensitive information, City of Hope officials do not...

Read More
2,789 Patients’ PHI Compromised in Phishing Attack
Aug02

2,789 Patients’ PHI Compromised in Phishing Attack

Kaleida Health has announced that a phishing attack has resulted in an email account being compromised, and along with it, the protected health information of 2,789 of its patients. Kaleida Health became aware of the incident on May 24, 2017, and called on a computer forensics firm to assess which patients have been affected and the extent to which its systems had been compromised. The firm determined the attack was limited to one...

Read More
Anthem Inc Announces 18,580 Record Data Breach
Jul31

Anthem Inc Announces 18,580 Record Data Breach

Anthem Inc., has recently settled a class-action lawsuit filed by the victims of its 2015 data breach that saw 78.8 million health insurance records stolen by hackers. The insurer settled the case for $118 million. A month after the settlement was announced, the company has confirmed its plan members have been affected by another data breach. This time the insurance records of 18,580 individuals have been exposed. The breach occurred...

Read More
ITRC Report Shows Hacking Continues to be the Main Cause of Data Breaches
Jul21

ITRC Report Shows Hacking Continues to be the Main Cause of Data Breaches

The main cause of data breaches in the United States is still hacking according to a new report released by the Identity Theft Resource Center (ITRC). The report also shows that in the year to June 30, 2017, U.S data breaches have hit a record high, with 791 confirmed data breaches reported. The data breach count has increased by 29% since the report was issued last year, with ITRC expecting the data breaches to reach 1,500 by the end...

Read More
Ransomware Investigation Uncovered 15-Month Data Breach
Jul20

Ransomware Investigation Uncovered 15-Month Data Breach

When Peachtree Neurological Clinic was attacked with ransomware all was not lost as data were recoverable from backups; however, the ransomware investigation revealed something far worse. Its systems had been breached 15 months previously. The ransomware incident resulted in the encryption of the provider’s electronic medical records. A ransom demand was issued. Payment was required in exchange for the keys to unlock the encryption....

Read More
Southern Oregon University Phishing Attack Results in Theft of $1.9 Million
Jun15

Southern Oregon University Phishing Attack Results in Theft of $1.9 Million

A Southern Oregon University phishing attack has resulted in the theft of $1.9 million from the university’s accounts – Arguably the worst phishing attack of the year to date. While the Southern Oregon University phishing attack stands out due to the amount of money obtained by the attackers, it is sadly just one of a large number of attacks that have affected U.S organizations this year. The scam is known as Business Email Compromise...

Read More
Patient Portal Security Flaw Exposed Data of Molina Healthcare Patients
May31

Patient Portal Security Flaw Exposed Data of Molina Healthcare Patients

A patient portal security flaw has resulted in the exposure of patient claims information. Claims information had been uploaded to the patient portal of the Long Beach, California-based managed care company Molina Healthcare; however, the information was accessible without any authentication checks. Patients who had been sent a link to their claims could click those links without any checks being performed to ensure they were the...

Read More
Children’s Mercy Hospital Alerts 5,500 Patients to a Potential PHI Breach
May31

Children’s Mercy Hospital Alerts 5,500 Patients to a Potential PHI Breach

Children’s Mercy Hospital in Kansas City has started notifying more than 5,500 patients that some of their electronic protected health information has been exposed online. Personally identifiable information and protected health information were discovered to have been uploaded to a website set up by one of the hospital’s physicians. The website was intended to serve as an educational resource. The physician had protected the...

Read More
Healthcare Data Breach Reporting Improves; IT Security Incidents Rise
May23

Healthcare Data Breach Reporting Improves; IT Security Incidents Rise

The monthly Breach Barometer Report from Protenus shows healthcare data breach reporting is improving, data breaches are down, and there was a significant reduction in healthcare data breach victims in April, 2017. The Health Insurance Portability and Accountability Act (HIPAA) places a time limit on reporting healthcare data breaches to the HHS’ Office for Civil Rights (OCR) and sending breach notifications to patients. That time...

Read More
True Health Diagnostics Website Flaw Exposes Patient Records
May09

True Health Diagnostics Website Flaw Exposes Patient Records

The health reports of patients of the True Health Group have been exposed online and were viewable by other patients for months – most likely years – due to a True Health Diagnostics website flaw. True Health Diagnostics is a Frisco, TX-based company that offers a wide range of testing procedures for genetic and other diseases. The company operates a web portal which patients can access to view their test results. Logging into...

Read More
Suspected Ransomware Attack Impacts Erie County Medical Center Patients
Apr12

Suspected Ransomware Attack Impacts Erie County Medical Center Patients

It has been a bad month for healthcare industry ransomware attacks and malware infections. A ransomware attack on Ashland Women’s Health was confirmed this week which impacted 19,272 patients and last week an ABCD pediatrics ransomware attack impacted 55,447 patients. On Sunday, another healthcare organization discovered a ‘virus’ had arrived via email and made its way onto the network. Erie County Medical Center in Buffalo, New York...

Read More
Ashland Women’s Health Ransomware Attack Confirmed
Apr12

Ashland Women’s Health Ransomware Attack Confirmed

The ransomware attacks on healthcare providers are continuing, with one of the latest victims a small one-practitioner gynecology practice in Ashland, Kentucky. Ashland Women’s Health recently informed the Department of Health and Human Services’ that the attack had potentially resulted in patients’ protected health information being accessed by the attackers. Ransomware attacks are reportable to OCR unless a healthcare provider can...

Read More
Ransomware Attack on ABCD Pediatrics Impacts 55,000 Patients
Apr05

Ransomware Attack on ABCD Pediatrics Impacts 55,000 Patients

The protected health information of more than 55,000 patients has potentially been compromised in a recent ransomware attack on ABCD Pediatrics. Attackers gained access to ABCD Pediatrics’ servers and Dharma ransomware was installed, resulting in the encryption of some PHI. Dharma ransomware is a variant of CrySiS ransomware. CrySiS ransomware was one of the most popular ransomware variants in 2016, although late last year ESET...

Read More
Med Center Health Data Breach Impacts 160,000 Patients
Mar24

Med Center Health Data Breach Impacts 160,000 Patients

The Federal Bureau of Investigation is investigating a major Med Center Health data breach that impacts many affiliates and around 160,000 patients. The Med Center Health data breach was not the result of hackers, instead data is believed to have been stolen by a former employee. The employee is understood to have taken a wide range of sensitive data including patients’ names, addresses, insurance details, procedure codes, billing...

Read More
Insider Healthcare Data Breaches Soar in February
Mar20

Insider Healthcare Data Breaches Soar in February

February saw a major increase in insider healthcare data breaches, according to the latest healthcare data breach report from Protenus. The February Breach Barometer report indicates there were 31 reported healthcare data breaches in February. While the figure is on a par with January, which also saw 31 healthcare data breaches reported, there was a significant rise in insider healthcare data breaches last month. Insider incidents...

Read More
Largest Healthcare W-2 Phishing Scam of 2017: 17,000 Employees Impacted
Feb23

Largest Healthcare W-2 Phishing Scam of 2017: 17,000 Employees Impacted

The largest healthcare W-2 phishing scam of the year to date has recently been reported by American Senior Communities of Indiana. While many organizations have already reported being fooled by phishing emails this tax season, this was the largest healthcare W-2 phishing scam by some distance, impacting more than 17,000 of the organization’s employees. This year has already seen 74 organizations scammed, and that number is certain to...

Read More
Google Removes Ransomware App from Its Play Store
Jan26

Google Removes Ransomware App from Its Play Store

An app in the Google Play store has been discovered to have been loaded with ransomware. Google has recently removed the ransomware app from its Play Store, although it is not known how many individuals have already been infected. The app in question is called EnergyRescue. The purpose of the app was to help users manage the use of their phone batteries. However, that was not the real purpose of the app. According to researchers at...

Read More
SEC Investigation of Yahoo Breach Launched
Jan25

SEC Investigation of Yahoo Breach Launched

The U.S. Securities and Exchange Commission will be investigating Yahoo over the two massive data breaches announced late last year. The SEC investigation of Yahoo will not be concerned with the controls put in place by the company to prevent data breaches, but whether Yahoo should have informed its investors of the breaches more quickly. In September, Yahoo announced that it had experienced a massive data breaches that had impacted...

Read More
Sentara Healthcare Data Breach Investigated
Jan16

Sentara Healthcare Data Breach Investigated

Sentara Healthcare is investigating a data breach suffered by one of its third-party vendors that resulted in patients’ protected health information being accessed by an unauthorized individual. Sentara Health was notified of a potential ePHI breach by law enforcement on November 17, 2016. An internal investigation was then immediately launched to determine the source of the breach, which led to one of its vendors. The vendor of the...

Read More
Ransomware Infection Impacting 19,000 Individuals Investigated by Highmark BCBS of Delaware
Jan15

Ransomware Infection Impacting 19,000 Individuals Investigated by Highmark BCBS of Delaware

A subcontractor of Highmark Blue Cross Blue Shield of Delaware has experienced a ransomware infection and cyberattack that has potentially compromised the personal information of approximately 19,000 beneficiaries of employer-paid health plans. The ransomware attack occurred at Highmark BCBS subcontractor Summit Reinsurance Services on August 5, 2016, although affected individuals have only just been notified of the incident. An...

Read More
ESEA Hacking Incident Results in Leaking of 1.5 Million Player Profiles
Jan09

ESEA Hacking Incident Results in Leaking of 1.5 Million Player Profiles

E-Sports Entertainment Association (ESEA) has announced it has been the victim of an extortion attempt after a hacker infiltrated one of its game servers. The ESEA hacking incident resulted in the theft of 1.5 million player profiles and other user data. The hack occurred on December 27, 2016. Access was gained to an ESEA game server, data were exfiltrated, and a $100,000 ransom demand was issued by the attacker. The hacker said that...

Read More
Los Angeles Valley College Ransomware Attack: 28K Paid for Key
Jan09

Los Angeles Valley College Ransomware Attack: 28K Paid for Key

A Los Angeles Valley College ransomware attack on January 6, 2017 resulted in student data being locked and 1,800 college administrators and teachers being prevented from gaining access to their computer system and essential files. Ransomware is malicious software that encrypts a wide range of file types, including databases. The data is not moved or copied, just renamed and encrypted. In order to unlock the encryption, a unique key...

Read More
Switcher Trojan Infects Wi-Fi Routers via Android Mobiles
Jan03

Switcher Trojan Infects Wi-Fi Routers via Android Mobiles

An incredibly dangerous new Trojan has been detected by Kaspersky Lab which is being used to attack Wi-Fi routers via Android devices. The new malware – named the Switcher Trojan – is currently only being used to attack routers in China, although Kaspersky Lab researchers warn that this new malware signals a dangerous new trend – One that could well become a global problem. The typical way that hackers gain control of Wi-Fi...

Read More
Yahoo Breach the Work of Cybercriminals with Nation-State Connections
Dec20

Yahoo Breach the Work of Cybercriminals with Nation-State Connections

Data from the Yahoo breach of 1 billion user accounts has already been sold on the black market on multiple occasions, according to InfoArmor. While Yahoo maintains that the attack was performed by a nation-state sponsored hacking group, InfoArmor’s research suggests otherwise and many security experts agree. Instead of a nation-state sponsored hacking group, it has been suggested that it was a criminal organization behind the attack,...

Read More
1Bn Accounts Compromised in 2013 Yahoo Cyberattack
Dec15

1Bn Accounts Compromised in 2013 Yahoo Cyberattack

In September 2016, Yahoo announced it had been hacked and half a billion accounts were compromised; however, yesterday it was revealed that a 2013 Yahoo cyberattack that was twice the size. The credentials of more than 1 billion users were reportedly stolen in the 2013 Yahoo cyberattack. The Yahoo cyberattack announced in September was the largest data breach ever reported. This was particularly bad news as the company had just agreed...

Read More
Madison County Pays $220,000 to Improve Defenses After Ransomware Attack
Dec14

Madison County Pays $220,000 to Improve Defenses After Ransomware Attack

The Madison County ransomware attack that took out many of the county’s computer systems last month could only be resolved by paying a $21,000 ransom as no viable backup existed. On the advice of the County’s insurance company, the ransom was paid. Madison County will not be required to cover the cost of the ransom, only the deductible. However, a ransomware attack costs considerably more to resolve than the cost of the ransom to...

Read More
Arkansas Sherriff’s Office Pays 3 Bitcoin Ransom to Unlock Files
Dec14

Arkansas Sherriff’s Office Pays 3 Bitcoin Ransom to Unlock Files

The cybercriminals behind a ransomware attack on an Arkansas Sherriff’s office have been paid 3 Bitcoin ($2,400) to supply the keys to decrypt files locked by the ransomware. The ransomware attack on the Carrol County Sheriff’s office occurred on December 5, 2016 and resulted in its computer systems being taken out of action for just under a week. The attackers used a fairly new ransomware variant called Dharma, which is from the same...

Read More
Dailymotion Cyberattack Impacts 85 Million Users
Dec06

Dailymotion Cyberattack Impacts 85 Million Users

According to LeakedSource, a recent Dailymotion cyberattack has resulted in email addresses, usernames, and passwords being obtained by hackers. Dailymotion is one of the leading web video platforms and is rated by Alexa as the 113th most popular website. In April 2015, the site attracted 148 million visitors. The Dailymotion cyberattack is understood to have occurred on or around October 20, 2016, which means account credentials may...

Read More
San Francisco Transport System Ransomware Attack Reported
Nov28

San Francisco Transport System Ransomware Attack Reported

A San Francisco Transport System ransomware attack occurred this weekend that resulted computers used by the city’s light rail system being encrypted. The attackers demanded a 100 Bitcoin ($70,000) ransom to supply the key to unlock the encryption. A statement released by the San Francisco Municipal Transportation Agency (SFMTA) confirmed that while the attack resulted in computer systems being taken out of action, transport was...

Read More
Facebook’s Darknet Password Buying Practice Revealed
Nov17

Facebook’s Darknet Password Buying Practice Revealed

The data obtained from cyberattacks is often listed for sale on Darknet marketplaces for cybercriminals to purchase, yet who actually buys these data? Passwords are bought by cybercriminals to gain access to users’ online accounts for a wide variety of nefarious activities, but it is not only criminals that are interested in these data. It has recently emerged that Facebook also buys stolen passwords. Facebook CSO Alex Stamos revealed...

Read More