Gt: Update on VSOP attack on Guatemala’s foreign ministry Last week, DataBreaches reported that the Ministry of Foreign Affairs of Guatemala was a victim of a VSOP attack. The government confirmed an attack on October 5. Services have been restored: Currently, the services are working, which has allowed us to provide uninterrupted attention to all…
Category: Health Data
HC3: Abuse of Legitimate Security Tools and Health Sector Cybersecurity
HC3 has published another guidance (TLP:WHITE) for the healthcare sector. In this one, they discuss how the same tools used to operate, maintain and secure healthcare systems and networks can also be turned against their own infrastructure. The paper includes: Cobalt Strike PowerShell Mimikatz Sysinternals Anydesk Brute Ratel Access the paper on HHS.
Saskatoon gynecology clinic hit with ransomware attack: report
Rory MacLean reports: A ransomware attack on a Saskatoon obstetrics and gynecology clinic left the personal health information of up to 20,000 patients in the hands of malicious hackers, according to the province’s privacy watchdog. In a report issued in September, Privacy Commissioner Ronald Kruzeniski said the attack targeting Saskatoon Obstetric and Gynecologic Consultants resulted…
Some Tufts community members’ health insurance information compromised in vaccine clinic data breach
Emily Thompson reports: Tufts announced in a Thursday evening email to the community that its vaccine clinic provider, Pelmeds, has experienced a data breach involving images of patients’ insurance cards. The number of Tufts community members affected by the breach is still unknown. Tufts has ended its contract with the company and postponed all previously…
WA: Columbia River Mental Health Services discloses long-running breach
Columbia River Mental Health Services in Vancouver, Washington has issued a press release about a breach that went undetected for approximately one year. From their press release: Columbia River Mental Health Services (“CRMHS”) recently became aware of suspicious activity related to certain CRMHS email accounts. CRMHS immediately launched an investigation, with the assistance of third-party…
Hospital That Disclosed Health Data to Foundation Wins Appeal
Christopher Brown reports: A hospital’s disclosure of patient health information to its charitable foundation didn’t violate the Minnesota Health Records Act, a state appellate court ruled. The MHRA permits disclosures of a patient’s health records without the patient’s consent when the disclosure is authorized in federal regulations, the Minnesota Court of Appeals said. Read more at…