In May, 2021, DataBreaches.net sent an email inquiry to OSF Healthcare in Illinois after seeing that threat actors known as Xing Team claimed to have attacked them and exfiltrated data. OSF Healthcare never responded to the inquiry. In June, after Xing Team started dumping what appeared to be patient data, DataBreaches.net sent OSF Healthcare a…
Category: Health Data
Today’s reminder that small breaches may have the biggest impact
While everyone understandably raises alarms about the possible impact of a ransomware attack, let us never forget that simple, stupid, careless, willful, or just human errors can create significant safety risks for people. A foster family in Missouri is raising concerns about what may be two separate breaches that pose safety risks to them and…
It seemed that in the blink of an eye, an Indiana health system was crippled by ransomware
Leeann Doerflein reports: Johnson Memorial Health’s information technology team and the FBI are trying to get to the bottom of a weekend cyber attack that crippled the hospital’s computer network. The hackers gained access to the hospital’s network at 10:31 p.m. Friday and installed ransomware by 10:33 p.m. The hospital’s IT team discovered the attack…
Epilepsy Foundation of Texas notifies individuals following phishing attack
The Epilepsy Foundation of Texas (“EFTX”) is notifying certain individuals of a phishing incident that may have compromised their personal or medical information. From their disclosure: On or around June 8, 2021, the Epilepsy Foundation of Texas discovered fraudulent emails being sent out of an employee email account. Upon discovery, the Epilepsy Foundation of Texas contacted its IT personnel…
Eskenazi Health now says some patient, employee information stolen in cyber attack
Shari Rudavsky reports that, as first reported by this site in August, Eskenazi Health officials have announced that information from patients and employees was stolen and released on the dark web. The hospital will send a letter to all individuals impacted, detailing what types of information the cybercriminals obtained. Read more on IndyStar.
Schneck Medical Center Statement About Cyberattack
Today, September 29, Schneck Medical Center learned that it was a victim of a cyberattack that affected organizational operations. Out of an abundance of caution, access to all IT applications within our facilities were suspended. We are in the process of enhancing our IT security protocols. Third-party security partners have also been engaged to restore…