HHS: Lessons learned from the HSE cyberattack

HHS Cybersecurity Program has released a new threat brief on lessons learned from the HSE cyberattack. DataBreaches.net covered the incident and aftermath in a number of articles because of the significance of the breach impacting patient care — including for cancer patients — and the unusual twist the case took when the Conti threat actors turned around and gave HSE the decryption key but still demanded ransom to delete and presumably destroy data the threat actors had exfiltrated.

The HSE’s own report on the incident — a whopping 157 pages — can be found here.

Download HHS’s threat brief.

Paying cyberattackers is wrong, right? Should Taos County's incident be an exception?
HHS OCR Settles HIPAA Ransomware Investigation with Syracuse ASC for $250k plus corrective action plan
IVF provider Genea notifies patients about the cyberattack earlier this year.
Key figure behind major Russian-speaking cybercrime forum targeted in Ukraine
Legal Silence and Chilling Effects: Injunctions Against the Press in Cybersecurity
Suspected XSS Forum Admin Arrested in Ukraine

Related: