On February 1, Coastal Cape Fear Eye Associates in North Carolina notified HHS of a hacking incident that impacted 925 patients. Unlike many other ransomware reports where there is no clear evidence of PHI acquisition or compromise, in this incident, there was evidence of actual compromise, although no evidence of exfiltration. Here is the entity’s…
Category: Malware
One Plugin, Over 4,200 Victims – When Thousands of Government Websites Were Hijacked to Mine Monero
Rafia Shaikh reports: Thousands of websites around the world were targeted by cryptojackers over the weekend to mine Monero. The targets included websites run by the US and UK governments that were secretly hijacked by attackers to mine cryptocurrency using a compromised plugin, Browsealoud. Over 4,200 websites are in the victims list [link], including The City University of…
Voter, Bee databases hit with ransomware attack
Adam Ashton reports: Two Sacramento Bee databases on a third-party computer server were seized last month by an anonymous hacker who demanded The Bee pay a ransom in Bitcoin to get the data back. The intrusion, which was discovered by a Bee employee last week, exposed one database containing California voter registration data from the…
TN: Smith Dental notifies HHS of ransomware attack affecting 1,500
On January 22, Robert Smith, DMD, PC in Tennessee reported a breach to HHS. The report indicated that 1,500 patients were impacted by a hacking/IT incident involving their network. A Google search indicated that the practice was likely to be “Smith Dental” in Tennessee. But I could find no press release or statement on their…
Columbia University grad arrested for using key logger software
Robert Abel reports: A Columbia University grad student was arrested for leaving key logger malware on USB sticks left throughout the campus. Bill Liang Lin Wu, 23 was arrested Thursday after he was caught on camera leaving the credential stealing devices on a host of university computers shared by 14 professors. Wu graduated last spring…
Malware incident discovered in May, 2017 affected 2,600 patients: Partners HealthCare System
Partners HealthCare System, whose hospitals include Massachusetts General and Brigham and Women’s, revealed today that it had discovered a malware attack in May, 2017 that may have exposed 2,600 patients’ information. They learned of the problem on May 8, but because data was mixed in with code, numbers, other data, and unformatted, it took them quite…