From the U.S. Department of Justice, February 18, 2025 Note: View the settlement agreement here. Health Net Federal Services Inc. (HNFS) of Rancho Cordova, California and its corporate parent, St. Louis-based Centene Corporation, have agreed to pay $11,253,400 to resolve claims that HNFS falsely certified compliance with cybersecurity requirements in a contract with the U.S. Department…
On February 15, the RansomHub ransomware group claimed responsibility for an attack on the Sault Ste. Marie Tribe of Chippewa Indians. RansomHub claims to have “temporarily locked” the tribe’s infrastructure and to have acquired 119 GB of files (501, 211 files). The affected systems reportedly include casinos, convenience stores, government buildings, and telecommunications services, but…
On November 3, 2024, WALB in Georgia reported that Memorial Hospital and Manor had been the victim of a ransomware attack on November 1 that they discovered on November 2. The hospital announced the incident on its Facebook page in a post that is no longer available. But Memorial Hospital and Manor did not appear…
On November 11, 2024, Humboldt Independent Practice Association (Humboldt IPA) submitted a breach report to HHS that used a placeholder of 500 for the number of patients affected. All we knew from HHS’s entry was that it was some kind of hacking or IT incident involving protected health information located in email. The California entity’s…
Stephen Brun reports: An employee of Summerside’s Prince County Hospital accessed the personal files of more than 100 patients without permission, Health P.E.I. says. In a news release Monday afternoon, the health agency said it discovered the breach of the provincial electronic record system last fall and has sent letters to the affected patients. It…
Connor Jones reports: NHS execs admit that last year’s cyberattack on hospitals in Wirral, northwest England, continues to “significantly” impact waiting times for cancer treatments, and suspect this will last for “months.” During the attack, which began on November 25 2024, the main clinical system was pulled offline and by December 5 the teams were…