We’ve seen a record number of incidents reported in the first quarter of 2019, and it’s not getting any better in the healthcare sector. Whether you use HHS’s public breach tool, as Modern Healthcare does, or the system DataBreaches.net and Protenus, Inc. use to track U.S. breaches involving medical or health data, April set a…
Category: Of Note
Crippling ransomware attacks targeting US cities on the rise
Kevin Collier reports: Targeted ransomware attacks on local US government entities — cities, police stations and schools — are on the rise, costing localities millions as some pay off the perpetrators in an effort to untangle themselves and restore vital systems. The tally by cybersecurity firm Recorded Future — one of the first efforts to…
Top-Tier Russian Hacking Collective Claims Breaches of Three Major Anti-Virus Companies
Executive Summary “Fxmsp” is a high-profile Russian- and English-speaking hacking collective. They specialize in breaching highly secure protected networks to access private corporate and government information. They have a long-standing reputation for selling sensitive information from high-profile global government and corporate entities. In March 2019, Fxmsp stated they could provide exclusive information stolen from three…
25,148 patients served by Southeastern Council on Alcoholism and Drug Dependence notified of ransomware incident
Here’s yet another ransomware incident in which investigators couldn’t really determine whether ePHI were actually accessed, so the entity notified HHS and is notifying patients. In this case, we are dealing with what could be treatment information for more stigmatizing conditions such as alcoholism or addiction. According to their report to HHS, 25,148 patients are…
American Medical Collection Agency breach impacted 200,000 patients – Gemini Advisory
A data breach involving a medical collection agency affected more than 200,000 patients who had used the firm’s online payment portal between September, 2018 and the beginning of March, 2019. At the end of February, Gemini Advisory analysts identified a Card Not Present (CNP) database that had been posted for sale in a dark web…
Member of Sophisticated China-Based Hacking Group Indicted for Series of Computer Intrusions, Including 2015 Data Breach of Health Insurer Anthem Inc. Affecting Over 78 Million People
More than four years from hack to indictment. How many more until they actually have the alleged hackers in custody? From the U.S. Department of Justice, this press release today: A federal grand jury returned an indictment unsealed today in Indianapolis, Indiana, charging a Chinese national as part of an extremely sophisticated hacking group operating…