CBIZ KA, a third-party vendor for Prime Healthcare (Prime), discovered a security incident involving CBIZ’s use of MOVEit Transfer software, which has recently reported a security vulnerability. Prime takes the responsibility of safeguarding your information very seriously, and while Prime systems were not involved in the incident, CBIZ KA uses MOVEit Transfer to securely transfer…
Category: Health Data
East River Medical Imaging notifies 605,809 patients of breach
East River Medical Imaging recently sent out notices to 605,809 patients concerning a breach in September. According to a patient notice posted on its website, on September 20, 2023, the New York medical practice identified suspicious activity within its IT network. We immediately initiated our incident response process, began an investigation with the assistance of…
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
Kevin Beaumont writes: How CitrixBleed vulnerablity in Netscale has become the cybersecurity challenge of 2023. Credit union technology firm Trellance owns Ongoing Operations LLC, and provides a platform called Fedcomp — used by double digit number of other credit unions across the United States. This Fedcomp platform was not patched for CitrixBleed, as no Netscaler…
Hackers steal IDF patient records from cyberattack on Israeli hospital (corrected)
The Jerusalem Post reports: Over 500 gigabytes of data, including hundreds of thousands of IDF medical records were allegedly stolen by Iran-linked hackers during a cyberattack on Ziv Medical Center in Safed, Israel, the hackers claimed on Telegram. […] On their Telegram page, the attackers said, “We possess over 500 gigabytes of information, including 700,000 medical documents,…
NZ: Health Worker Arrested for Misusing Vaccination Data: A Case of Breach of Trust
Somasetty Suresh reports: A health worker has been apprehended by the authorities for an alleged misuse and disclosure of vaccination data. The individual, whose identity has not been revealed, has been charged with accessing a computer system for dishonest purposes. The incident came to light recently, prompting swift action from the concerned authorities. The accused…
If you’re in Rock County, Wisconsin, do NOT read this post. Absolutely do not read this post.
If you’re in Rock County, Wisconsin, it seems your Information Technology Director and Corporation Counsel do not want you to know certain things about the September ransomware attack — even though people in the rest of the country may already know what they have decided not to tell you. They didn’t even tell your own…