Brian Krebs reports: Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other…
Search Results for: HCA
On-the-Spot Intervention 95% Effective in Reducing Healthcare Employees’ Unauthorized Access to Protected Health Information (PHI)
The following is a press release from Protenus. As a reminder/disclosure: DataBreaches.net compiles data and performs some data analytic services for Protenus’s Breach Barometer each year. Protenus is pleased to announce a recent study found that on-the-spot interventions for healthcare employees who inappropriately accessed PHI were 95% effective in preventing repeat offenses. The article, “Effectiveness of…
Four HIPAA Enforcement Actions Hold Healthcare Providers Accountable With Compliance
Today, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the resolution of three investigations and one matter before an Administration Law Judge related to compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Two of these cases are part of OCR’s HIPAA Right of Access…
Conti and Karma actors attack healthcare provider at same time through ProxyShell exploits
I’ve occasionally seen evidence that one victim was hit by more than one group or threat actor, but Sophos provides the most detailed reporting I’ve ever seen on one such incident. Sean Gallagher takes us through the saga that impacted a healthcare provider in Canada hit by two separate ransomware groups — Karma and Conti….
JDC Healthcare Management issues second press release about malware incident last summer
On October 7, JDC Healthcare Management (Jefferson Dental Care) issued a press release concerning a malware incident discovered in August. At the time, they notified HHS that 501 patients were affected — a number that typically means “We know it’s more than 500 but we don’t have an exact count yet.” Today, they issued a…
HHS Cybersecurity Program: Electronic Medical Records in Healthcare
HHS has published a new cybersecurity threat brief, available for download on their site. The topics include: • What Is an EMR, and How Is It Used in Healthcare? • Top EHR Software Used in Hospitals • Benefits & Risks of Using EMR/HER • Why EMRs/EHRs Are Valuable to Cyber Attackers • How Are EMR/EHRs…