Sergiu Gatlan reports: Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week. The cybersecurity agency added the flaws to its Known Exploited Vulnerabilities Catalog today, saying that such vulnerabilities are “frequent attack…
Category: Breach Incidents
HMSA member data possibly compromised after data breach
Emily Cervantes reports: Hawaii Medical Service Administration employee information may be compromised after their vendor partner fell victim to a cyber attack. In early Sept. 2023, HMSA’s health management service vendor, Navvis, announced they experienced a data privacy event that compromised the personal and protected health information for former and current employees. Navvis immediately launched…
Bluewater Health getting new, more secure hospital info system
Tyler Kula reports: Bluewater Health, hardest hit by a cyberattack on five Southwestern Ontario hospitals last fall, had a relatively dated system for storing and sharing patient information at the time, Bluewater Health’s board chairperson says. “It did make a difference,” said Margaret Dragan, about the hospital group’s 20-plus-year-old hospital information system that’s been eyed for…
Fred Hutch failed to reveal threats of potential swatting attacks until this site revealed the threat. Should they have disclosed it themselves?
On December 28, DataBreaches published snippets from a chat with a threat actor (TA) who claimed to have involvement with both the Fred Hutch cyberattack and the Integris cyberattack. In the course of that exchange, the TA surprised DataBreaches by claiming that they had threatened Fred Hutch with swatting patients. From DataBreaches’ previous reporting: “So…
Family Healthcare notifying patients of November 2022 breach at Brady Martz & Associates
On September 8, Brady Martz & Associates in North Dakota disclosed a data breach in November 2022 that reportedly affected more than 53,000 individuals. Less than two weeks later, at least four lawsuits had been filed against the firm. Now, four months later, we see a notice from one of their clients: Family HealthCare was…
Erie VA Medical Center says it regrets veteran info disclosure
Keith Gushard reports: The Erie VA Medical Center says it regrets any preventable disclosure of sensitive veteran information and takes appropriate action to inform and protect impacted individuals as quickly as possible. The statement, issued Monday, comes almost eight full weeks after a printing error was discovered about the potential disclosure of limited information that…