The Wisconsin Department of Health Services (DHS) today announced that on August 8, 2022, as part of a cybersecurity incident investigation, DHS was notified that a presentation emailed to the DHS Children’s Long-Term Support Council in April 2021 contained protected health information. This presentation was forwarded to employees working for county government agencies in Rock…
Category: Health Data
Bits ‘n Pieces (Trozos y Piezas)
Gt: Update on VSOP attack on Guatemala’s foreign ministry Last week, DataBreaches reported that the Ministry of Foreign Affairs of Guatemala was a victim of a VSOP attack. The government confirmed an attack on October 5. Services have been restored: Currently, the services are working, which has allowed us to provide uninterrupted attention to all…
HC3: Abuse of Legitimate Security Tools and Health Sector Cybersecurity
HC3 has published another guidance (TLP:WHITE) for the healthcare sector. In this one, they discuss how the same tools used to operate, maintain and secure healthcare systems and networks can also be turned against their own infrastructure. The paper includes: Cobalt Strike PowerShell Mimikatz Sysinternals Anydesk Brute Ratel Access the paper on HHS.
Saskatoon gynecology clinic hit with ransomware attack: report
Rory MacLean reports: A ransomware attack on a Saskatoon obstetrics and gynecology clinic left the personal health information of up to 20,000 patients in the hands of malicious hackers, according to the province’s privacy watchdog. In a report issued in September, Privacy Commissioner Ronald Kruzeniski said the attack targeting Saskatoon Obstetric and Gynecologic Consultants resulted…
Some Tufts community members’ health insurance information compromised in vaccine clinic data breach
Emily Thompson reports: Tufts announced in a Thursday evening email to the community that its vaccine clinic provider, Pelmeds, has experienced a data breach involving images of patients’ insurance cards. The number of Tufts community members affected by the breach is still unknown. Tufts has ended its contract with the company and postponed all previously…
WA: Columbia River Mental Health Services discloses long-running breach
Columbia River Mental Health Services in Vancouver, Washington has issued a press release about a breach that went undetected for approximately one year. From their press release: Columbia River Mental Health Services (“CRMHS”) recently became aware of suspicious activity related to certain CRMHS email accounts. CRMHS immediately launched an investigation, with the assistance of third-party…