On June 13, the INC Ransom group added Maryhaven in Ohio to their leak site. DataBreaches subsequently contacted Maryhaven to inquire what it was doing in response to INC’s claims. They did not reply, but subsequently posted a notice on their website that said, in part: We are aware that some of our systems are…
Category: Health Data
Consulting Radiologists LTD notifying 583,824 patients about February attack
Two ransomware groups claimed to have attacked Consulting Radiologists. The notification is silent about any ransom demands. Consulting Radiologists LTD. (“CRL”)” in Minnesota is a physician-owned practice. On February 12, 2024, they detected suspicious activity on their network. An investigation revealed that an unauthorized actor had accessed certain files and data. Those files contained patient…
Social Engineering Tactics Targeting Healthcare & Public Health Entities and Providers
June 24, 2024 TLP:CLEAR SUMMARY The Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used in a social engineering campaign targeting healthcare, public health entities, and providers. Threat actors…
If the insider threat is at your vendor, could you discover it quickly?
Here’s today’s reminder of the insider threat. We start with a notice from Geisinger about a security incident involving Nuance Communications: Nuance Communications Inc., an outside vendor that provides information technology services for Geisinger, is notifying Geisinger patients that some personal information may have been accessed by a former Nuance employee. On Nov. 29, 2023,…
Cyber Attack on Synnovis Pathology Lab Traced to Longstanding Known Weaknesses at London Hospitals
Scott Ikeda writes: A cyber attack on London hospitals that has unfolded over the course of June has had a devastating impact on the city’s blood supply, and has caused hundreds of operations to be postponed. New reporting from Bloomberg indicates that the city’s hospitals have long known that Synnovis, the pathology lab at the center of…
Red Tape Is Making Hospital Ransomware Attacks Worse
Matt Burgess reports: Crippling ransomware attacks against hospitals and health care providers are on the rise. These ruthless cyberattacks can take medical systems offline for weeks—canceling appointments and surgeries and causing harm to patients. Doctors and nurses are plunged into crisis situations where they resort to using pen and paper, while IT staff work to make…