In December, DataBreaches reported that the Indiana Attorney General’s Office had brought charges against Westend Dental for a number of HIPAA violations. The state had started investigating the dental practice after a patient complained about them not providing a copy of their records in response to a request. In looking into that complaint, the state…
Operation Heart Blocker: Disruption action deals blow to criminal cyber network HeartSender
During a disruption action on January 29, 2025, HeartSender servers and domains were seized by various police services. HeartSender is the name of a group of phishing software makers. The Cybercrime Team of the East Brabant police unit started an investigation at the end of 2022, after phishing software was found on the computer of…
Almost one year later, NorthBay Health notifies 569,012 people of breach of sensitive information
While some states are decreasing the amount of time entities have to notify the state or individuals of a breach, the reality is that many entities are nowhere near complying with even more lenient deadlines. HIPAA, for example, allows entities no more than 60 calendar days from discovery of a breach (the first day they…
Heart Centre Cyberattack in Australia, DragonForce Claims Responsibility for Sensitive Data Theft
SuspectFile reports: The healthcare sector continues to be a prime target for cybercriminal groups, with targeted attacks putting patient safety and medical information confidentiality at risk. The recent attack on Heart Centre, a network of cardiology clinics located in New South Wales, Australia, carried out by the DragonForce group, once again highlights the vulnerability of hospital IT…
Backdoor found in two healthcare patient monitors, linked to IP in China
Lawrence Abrams reports: The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device. Contec is a China-based company that specializes in healthcare technology, offering…
Law enforcement continues efforts to disrupt cybercrime forums and services
Law enforcement has been busy. As reported yesterday, Cracked and Nulled forums were seized along with services associated with them financially. Two suspects were arrested in Spain. Today, DOJ issued two press releases. The first was about yesterday’s seizures: Cracked and Nulled Marketplaces Disrupted in International Cyber Operation The Justice Department today announced its participation…