HHS Health Center Cybersecurity Center (HC3) has published a new informational handout and guidance on multi-factor authentication (MFA) and smishing. It includes statistics and suggestions for dealing with common obstacles to implementation. Access the handout on HHS’s site (pdf).
Category: Health Data
Nearly 1.5 million affected by data breach at Alberta Dental Service Corporation
CBC reports: A significant data breach has compromised the personal information of about 1.47 million Albertans, the Alberta Dental Service Corporation said Thursday. In a statement, ADSC said certain data from public dental benefits programs it administers for the provincial government was implicated in a recent cybersecurity breach. ADSC learned it was the victim of…
Oregon Sports Medicine allegedly hit by 8Base threat actors
Oregon Sports Medicine was added to 8Base’s leak site today. No files or filetree was offered as any proof of claims, but the threat actors claim that they acquired: Invoice Receipts Accounting documents Personal data Certificates Employment contracts A huge amount of confidential information Confidentiality agreements Personal files of patients Another The listing indicates that…
Il: Cyberattack shuts down Bnei Brak hospital’s computers
JNS reports: Mayanei Hayeshua Medical Center in Bnei Brak was hit by a cyberattack on Monday night, Israel’s Health Ministry announced on Tuesday morning. The hospital’s administrative computers were shut down in what was described as a ransomware attack. The ultra-Orthodox hospital, located east of Tel Aviv, said medical equipment was not affected by the…
HC3: Sector Alert: Rhysida Ransomware
August 4, 2023 TLP:CLEAR Report: 202308041500 Executive Summary Rhysida is a new ransomware-as-a-service (RaaS) group that has emerged since May 2023. The group drops an eponymous ransomware via phishing attacks and Cobalt Strike to breach targets’ networks and deploy their payloads. The group threatens to publicly distribute the exfiltrated data if the ransom is not…
Pt: SESARAM confirms cyberattack on region’s health service, suspends non-urgent activity Monday
Iolanda Chaves reports (machine translated): SESARAM has just issued a statement confirming the occurrence of a “deliberate and malicious cyberattack with the sole objective of causing damage and disrupting the normal functioning of the Regional Health Service of the Autonomous Region of Madeira”. “The internal functioning of SESARAM is thus affected, compromising some areas”, underlines…