I missed this one when it was first published. Ashley Gardner reported on January 3: Enloe Medical Center was targeted by a ransomware attack on Tuesday that caused the hospital to reschedule some elective procedures. According to hospital officials, data stored on the hospital’s network was encrypted, preventing staff from accessing the information. Read more…
Category: Health Data
Native American Rehabilitation Association of the Northwest reports Emotet attack
On January 3, the Native American Rehabilitation Association of the Northwest, Inc. (NARA NW) in Portland, Oregon announced that it experienced a cybersecurity incident November 4-5, 2019. The attack was described as a malware incident with Emotet malware injected when some employees fell for a phishing attack on November 4. The incident was recognized quickly…
Chinese tech companies still can’t stop medical data leaks
Eliza Gkritsi follows up on something previously reported on this site based on research by WizCase that they had shared with this site. WizCase subsequently updated their own post, here. Two security flaws at Chinese medical device operators put over 24 million patient records at risk in October. These medical data leaks reveal how cybersecurity practices…
Mercy Health Lorain Hospital Laboratory patients notified of HIPAA breach due to contractor invoice printing error
Although no actual or attempted access or misuse of patient or guarantor information has been discovered, RCM Enterprise Services, Inc. (“RCM”) is providing notice to certain individuals regarding an error in the invoice mailing process that caused individually identifiable information to appear in the clear address “window” on medical invoices. RCM provides patient billing services…
Hackers access Sask. eHealth system, demand ransom
Wayne Mantyka reports: Hackers made it through the first level of security for Saskatchewan’s eHealth records system this weekend, locking the government out of some systems. Jim Hornell with eHealth Saskatchewan told CTV News the hackers are demanding the government pay an unspecified ransom to get the system back under its control. Read more on…
What OPSEC? Member of “thedarkoverlord” allegedly used his personal details to set up hacking and extortion-related accounts.
In what seems like a mind-boggling OPSEC #FAIL, a U.K. man associated with thedarkoverlord allegedly used his real details to create bank accounts as well as to open email accounts, phone numbers, vpn, Twitter, and PayPal accounts that thedarkoverlord used as part of its operations to hack and extort victims. For a group that signed…