Rob Antle reports: The agency in charge of safeguarding health information in Newfoundland and Labrador held its first annual general meeting since last fall’s cyberattack, but there were no updates what happened or what’s since been done to protect patient data. The tightly scripted event — held on the Friday afternoon before a long holiday weekend,…
Category: Health Data
Detroit Health Department Provides Notice of Data Security Incident
The following is a notice from the Detroit Health Department. It is unclear whether this was an accidental breach due to error or some more intentional wrongdoing by an employee, but the notice makes no mention of disciplining any employee or referring to law enforcement. The Detroit Health Department is notifying specific individuals about a…
Wisconsin Department of Health Services notifying some Medicaid members of breach
The Wisconsin Department of Health Services (DHS) today announced that on August 8, 2022, as part of a cybersecurity incident investigation, DHS was notified that a presentation emailed to the DHS Children’s Long-Term Support Council in April 2021 contained protected health information. This presentation was forwarded to employees working for county government agencies in Rock…
Bits ‘n Pieces (Trozos y Piezas)
Gt: Update on VSOP attack on Guatemala’s foreign ministry Last week, DataBreaches reported that the Ministry of Foreign Affairs of Guatemala was a victim of a VSOP attack. The government confirmed an attack on October 5. Services have been restored: Currently, the services are working, which has allowed us to provide uninterrupted attention to all…
HC3: Abuse of Legitimate Security Tools and Health Sector Cybersecurity
HC3 has published another guidance (TLP:WHITE) for the healthcare sector. In this one, they discuss how the same tools used to operate, maintain and secure healthcare systems and networks can also be turned against their own infrastructure. The paper includes: Cobalt Strike PowerShell Mimikatz Sysinternals Anydesk Brute Ratel Access the paper on HHS.
Saskatoon gynecology clinic hit with ransomware attack: report
Rory MacLean reports: A ransomware attack on a Saskatoon obstetrics and gynecology clinic left the personal health information of up to 20,000 patients in the hands of malicious hackers, according to the province’s privacy watchdog. In a report issued in September, Privacy Commissioner Ronald Kruzeniski said the attack targeting Saskatoon Obstetric and Gynecologic Consultants resulted…