On May 27, DataBreaches reported on two breaches that had been disclosed on the Friday before a holiday weekend. One of the two was a breach reported by Onix Group in Pennsylvania. As DataBreaches reported at the time: Their notice was provided on their own behalf and on behalf of Addiction Recovery Systems, Cadia Healthcare,…
Category: Health Data
Over 100 fertility patients had data breached by N.L. Health Services
CBC News reports: When Kelsey Puddister-Collins opened an email from Newfoundland and Labrador Fertility Services on Tuesday, she said she was mortified to see the names and email addresses of over 100 people on the email list. Puddister-Collins’ information was among those shared in a data breach. The email was a survey about her experience in…
DEVELOPING: HCA Healthcare patient data for sale on hacking forum?
A new user on a hacking forum has listed patient data from HCA Healthcare for sale. “As of 2021, HCA Healthcare is ranked #62 on the Fortune 500 rankings of the largest United States corporations by total revenue.” the seller writes, adding Data is grouped by division into 17 files totaling to 27,700,000 rows. More…
Au: Atherfield Medical & Skin Cancer Clinic victim of cyberattack by Cyclops
Australia has experienced a number of significant cyberattacks on healthcare entities in the past few years. Now a relatively new ransomware group, Cyclops, claims to have attacked Atherfield Medical & Skin Cancer Clinic in Australia: In Cyclops’ listing (above), there is a date of June 29, which appears to be the date they uploaded…
Why ransomware groups are targeting Indian pharma companies and the healthcare sector; ClearMedi allegedly hacked
Naandika Tripathi reports: Just three months after a ransomware attack pulled down India’s largest drugmaker, Sun Pharmaceuticals, the threat actors went after another pharma company. Hyderabad-based Granules India was notified of a significant loss of revenue and profitability due to a cybersecurity attack in the last week of May. […] From Dr. Reddy’s to the…
CISA issues warning for cardiac device system vulnerability
Jonathan Greig reports: The Cybersecurity and Infrastructure Security Agency (CISA) warned of a severe vulnerability in a cardiac device from medical device company Medtronic. The issue – tracked as CVE-2023-31222 – carries a “critical” CVSS score of 9.8 out of 10 and affects the company’s Paceart Optima software that runs on a healthcare organization’s Windows server. Medtronic said…