Caroline Hudson reports: Ascension has detected a cybersecurity incident that is disrupting its clinical operations, and has advised business partners to disconnect from its systems. The nonprofit health system said Wednesday it had discovered “unusual activity” on select network systems that it believes is due to a cybersecurity event. An Ascension spokesperson did not respond to…
Category: Health Data
Patient appointments imperiled by cyberattack on French radiologist
Alexander Martin reports: Coradix-Magnescan, a French company that provides medical radiological imaging, has warned patients it is currently dealing with a cyberattack that risks “complicating” their appointments. Based in Perpignan in southern France, just north of the Pyrenees mountains and close to the Mediterranean Sea, the company said at this point there is no evidence…
Guardant notifies patients of unintended information exposure going back to October 2020
A notification by Guardant Health, Inc. in California (“Guardant”) caught DataBreaches’ eye yesterday. Guardant is a laboratory that performs cancer screening tests on samples received from its physician and hospital partners. Patient information that they received may have been inadvertently exposed between October 5, 2020 and February 29, 2024. They explain: Guardant recently determined that…
Fred Hutch notifies more patients of November 2023 attack (1)
In December 2023, UW’s Fred Hutchinson Cancer Center (“Fred Hutch”) reported a November cyberattack that involved the exfiltration of patient data and attempted extortion of patients. DataBreaches contacted Fred Hutch on December 8 to ask whether the attackers had encrypted their files and whether they had negotiated with the threat actors. They did not reply….
Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO
Zack Whittaker reports: The ransomware gang that hacked into U.S. health tech giant Change Healthcare used a set of stolen credentials to remotely access the company’s systems that weren’t protected by multifactor authentication (MFA), according to the chief executive of its parent company, UnitedHealth Group (UHG). UnitedHealth CEO Andrew Witty provided the written testimony ahead of a…
United Healthcare, Optum, and Change Healthcare Involved in Northeast Ohio Neighborhood Health Data Breach
Note: Marco A. De Felice (aka @amvinfe) has been doing some great investigative blogging on ransomware groups and incidents. If you’re not checking his SuspectFile site regularly, you are missing out on some of his exclusive reporting. De Felice’s recent coverage of Medusa’s attack on Northeast Ohio Neighborhood Health (NEON) begins: Another significant data breach…