On July 21, the DoppelPaymer ransomware threat actors added Amphastar Pharmaceuticals to their leak list. They also uploaded a number of files as proof of access and exfiltration. It was because of that listing that Amphastar eventually discovered that employee data had been stolen in a May attack. On August 27, Amphastar sent notification letters…
Search Results for: HCA
Already in the midst of a crisis, a Houston hospital was attacked by ransomware
It’s been a rough year for the U.S. in terms of COVID-19. And some areas have been hit worse than others. On August 1, CNN tweeted about how rough things were at Houston’s United Memorial Medical Center. Yesterday was Dr. Joseph Varon’s 134th day leading the coronavirus unit at Houston’s United Memorial Medical Center. Last…
Valley Health System recovering from ransomware attack while maintaining patient care
Valley Health Systems (VHS) has joined the unfortunate ranks of health systems that have fallen prey to a ransomware attack. VHS provides primary and preventative care to approximately 75,000 patients each year in southern West Virginia, southeastern Ohio and eastern Kentucky, operating more than 40 healthcare facilities. Their 2019 annual report noted that their sliding…
Ransomware – The New (Too-High) Cost of Doing Business
Gemini Advisory has released a paper that makes the point that in 2020, it may be best to view ransomware incident costs as part of the cost of doing business. And with more people working from home these days, there is an increased risk of security incidents, as threat actors may be able to relatively…
Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack
Brian Krebs reports: R1 RCM Inc. [NASDAQ:RCM], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. Formerly known as Accretive Health Inc., Chicago-based R1 RCM brought in revenues of $1.18 billion in 2019. The company has more than 19,000 employees and contracts with at least 750 healthcare organizations nationwide. Read…
Lifespan Pays $1,040,000 to OCR to Settle Unencrypted Stolen Laptop Breach
In April, 2017, Lifespan issued a statement disclosing a stolen laptop incident involving unencrypted protected health information. In at least two places in their statement they claim that they are committed to protecting the security and confidentiality of patient data. Today, OCR announced a settlement with Lifespan in which Lifespan is to pay more than…