If you think about “supply chain attack” and “HVAC,” you will probably immediately think of the headline-making Target breach of 2013. But that wasn’t the only breach via a third-party HVAC vendor. Just this month, several hospitals in Boston may have narrowly escaped potentially serious breaches when their HVAC vendor was hacked and the threat…
Category: Health Data
Hive ransomware attacks Memorial Health System, steals patient data
Yesterday, news broke that Memorial Health system in Ohio had been hit with a ransomware attack and that surgeries were being delayed. Today Ionut Ilascu reports more details, including that the attack appears to involve the Hive ransomware threat actors: BleepingComputer has seen evidence that the attackers have stolen databases with information belonging to 200,000…
Still Missing a New Leader, Former OCR Directors, Experts Offer Advice, Task List
Theresa Defino writes: Issue a final rule revising the privacy regulation and write guidance on the information blocking rule. Formalize the fledgling audit program required by Congress more than 10 years ago. Engage with providers and other HIPAA-regulated entities. And by all means, get cracking. In a series of interviews with RPP, two former Office for…
Lukashenko hid the real data of Covid-19 mortality. A cyber attack has revealed figures about 14 times higher
The following is a Google translation of a news report by Anastasia Harea: Belarusian authorities have lied about the number of deaths caused by the new coronavirus. Everything came to light after a group of anonymous hackers from Belarus broke into the national civil status system, and the data found showed that between March 2020…
Ex-West Penn Hospital technician gets jail for secretly recording undressed patients
Paula Reed Ward reports that Guy Caley, 53, of Canonsburg, a former medical technician at West Penn Hospital, has been sentenced to serve 11 to 22 months in Allegheny County Jail, to be followed by 10 years of probation. Caley pleaded guilty in May to 89 counts including invasion of privacy and intercepting communications. Of note,…
Moorfields Eye Hospital investigating cyberattack on Dubai hospital, notifying patients
In one of the latest attacks on medical entities, AvosLocker has claimed that they exfiltrated 60 GB of data from “Moorfields NHS UK & Dubai.” So far, however, there is no evidence that any UK servers were hit — only Dubai ones. Moorfields in a specialty eye hospital that is part of the UK’s National…