East River Medical Imaging recently sent out notices to 605,809 patients concerning a breach in September. According to a patient notice posted on its website, on September 20, 2023, the New York medical practice identified suspicious activity within its IT network. We immediately initiated our incident response process, began an investigation with the assistance of…
Category: Health Data
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
Kevin Beaumont writes: How CitrixBleed vulnerablity in Netscale has become the cybersecurity challenge of 2023. Credit union technology firm Trellance owns Ongoing Operations LLC, and provides a platform called Fedcomp — used by double digit number of other credit unions across the United States. This Fedcomp platform was not patched for CitrixBleed, as no Netscaler…
Hackers steal IDF patient records from cyberattack on Israeli hospital (corrected)
The Jerusalem Post reports: Over 500 gigabytes of data, including hundreds of thousands of IDF medical records were allegedly stolen by Iran-linked hackers during a cyberattack on Ziv Medical Center in Safed, Israel, the hackers claimed on Telegram. […] On their Telegram page, the attackers said, “We possess over 500 gigabytes of information, including 700,000 medical documents,…
NZ: Health Worker Arrested for Misusing Vaccination Data: A Case of Breach of Trust
Somasetty Suresh reports: A health worker has been apprehended by the authorities for an alleged misuse and disclosure of vaccination data. The individual, whose identity has not been revealed, has been charged with accessing a computer system for dishonest purposes. The incident came to light recently, prompting swift action from the concerned authorities. The accused…
If you’re in Rock County, Wisconsin, do NOT read this post. Absolutely do not read this post.
If you’re in Rock County, Wisconsin, it seems your Information Technology Director and Corporation Counsel do not want you to know certain things about the September ransomware attack — even though people in the rest of the country may already know what they have decided not to tell you. They didn’t even tell your own…
OAIC alleges Australian Clinical Labs hack resulted from lacklustre security measures
Daniel Croft reports: Australian Clinical Labs (ACL) parent company Medlab back in February 2022 announced that it had suffered a cyber attack at the hands of the Quantum hacking group, which stole 86 gigabytes worth of data belonging to over 200,000 people, which included health information, passport details, and credit card information (number, expiry and…