On September 30, AlphV threat actors (aka BlackCat) added McLaren Health Care to their dark web leak site. They updated their listing on October 4, claiming to have data on 2.5 million people. That same week, McLaren confirmed that they had been the victim of a ransomware attack it first detected on August 22. Michigan’s…
Category: U.S.
PJ&A data breach also affected millions of Northwell Health patients (1)
News12 on Long Island reports that the Perry Johnson & Associates (PJ&A) breach reported previously on this site has also affected Northwell Health, a major health system on Long Island. PJ&A is the same medical transcription service vendor whose breach affected 1.2 million patients of Cook County Health in Illinois. That health system was notified…
Paging regulators to Aisle 4 to look at Pacific Union College’s data security and breach disclosure
On November 8, Pacific Union College in California notified the Maine Attorney General’s Office of a breach in March 2023 that impacted 56,041 people. Their notification, submitted by external counsel at McDonald Hopkins, indicates that the breach occurred between March 5 and March 19, 2023 and was discovered on October 9, 2023. That discovery date…
Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack
Team Huntress writes: In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat actor activity against multiple healthcare organizations. The attackers abused a locally hosted instance of a widely-used remote access tool, ScreenConnect—utilized by the company Transaction Data Systems (which…
Tri-City Medical Center in Oceanside hit by cybersecurity attack
Paul Sisson reports: Tri-City Medical Center is diverting ambulance traffic to other hospitals Thursday as it copes with a cybersecurity attack that has forced it to declare “an internal disaster” as workers scramble to contain the damage and protect patient records. The Oceanside facility’s management confirmed the situation in a brief statement, indicating that the…
Ransomware attack under investigation at Pulaski County Public Schools
The district’s Facebook notice on November 7: Dear Pulaski County Public Schools Community: Pulaski County Public Schools has unfortunately become the victim of a cybercriminal attack. On Sunday, we discovered irregularities in our systems. PCPS immediately retained outside experts to launch a forensic investigation and help secure our servers. We now know that this is…