In May, 2024, the threat actors known as BianLian added the Center for Digestive Health in Florida to their dark web leak site. In June, they leaked what they claimed was 2.2 TB of files that they described as: A physical and medical history examination. Accounting, budget, financial data. Contract data and NDA’s. Accidents. Files…
Category: Health Data
Sunflower Medical Group notifies 220,968 of December cyberattack by Rhysida
Sunflower Medical Group has notified 220,968 people of a December attack by Rhysida. According to their submission to the Maine Attorney General’s Office and their notification letter to those affected, the Kansas-based group of independent physicians detected the attack on January 7, 2025. Investigation revealed that it had occurred on December 15, 2024. The day…
Endless Mountains Health Systems affected by cyberattack; patients alerted to situation
Endless Mountains Health Systems (EMHS) in Pennsylvania has been dealing with a cyberattack that has impacted its operations and some of its systems. They have not stated whether it is a ransomware incident or not. EMHS announced the attack on March 5 on its website, but had already been noting problems on its Facebook page…
SSK Plastic Surgery discloses it experienced a hack and extortion attempt in 2024
Another plastic surgery practice has revealed that it was the victim of a cyberattack with an extortion demand. SSK Plastic Surgery in California recently notified the California Attorney General’s Office of an incident. The state’s website indicates that SSK Plastic Surgery reported that the breach occurred on March 20, 2024 and was discovered or ended…
Taipei’s Mackay Memorial Hospital patient information allegedly sold online
Michael Nakhiengchanh reports: Taipei’s Mackay Memorial Hospital apologized Thursday to the public for an information leak caused by a cyberattack earlier this month. On Feb. 9, the hospital was hit by ransomware called “Crazy Hunter,” causing over 500 computers to crash and reportedly up to 32.5 GB of information stolen, per CNA. The leaked data allegedly includes personal…
NHS investigates API flaw that exposed patient data
Teiss reports: The National Health Service (NHS) is investigating claims that an application programming interface (API) vulnerability at private healthcare provider Medefer left patient data exposed. The issue, initially raised by an IT whistleblower, has prompted scrutiny from the NHS, which has stated it will take further action if necessary. Medefer, a virtual healthcare provider…