Attacks on revenue cycle management (RCM) firms and debt collection firms often provide criminals with a wealth of personal and protected health information because successfully compromising one billing vendor may give access to the sensitive data of numerous covered entities or clients. Horizon Healthcare RCM (“Horizon”) in Indiana is the latest RCM to disclose that…
Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
The West Yorkshire Police provide today’s reminder of the insider threat and the need to terminate access and credentials before you terminate an employee’s employment: A disgruntled IT worker who launched a cyber attack on his employer after he was suspended from work has been jailed. Mohammed Umar Taj began to take revenge on his…
Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
Tim Starks reports: A hacker working on behalf of the Sinaloa drug cartel infiltrated cameras and phones to track an FBI official in Mexico investigating the drug lord El Chapo, then used data from that surveillance to kill and intimidate potential sources and witnesses the agent was meeting with, a Justice Department watchdog report revealed….
Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024 (1)
Texas Centers for Infectious Disease Associates (TCIDA) has now issued a press release and sent notification letters to patients affected by an attack they first discovered last July. According to their notice, on July 19, 2024, they learned of unusual activity in their network. Their investigation determined that an unauthorized individual may have accessed or…
Battlefords Union Hospitals notifies patients of employee snooping in their records
Today’s reminder of the insider threat comes to us from Battlefords Union Hospitals in Canada. Battlefords Now reports that between October 1, 2024 and April 4, 2025, an operating room scheduler accessed the MedAccess EHR system to look at personal and primary care medical information for hundreds of patients without a legitimate purpose. That same…
Alert: Scattered Spider has added North American airline and transportation organizations to their target list
Charles Carmakal posted the following alert on LinkedIn: ALERT: Scattered Spider has added North American airline and transportation organizations to their target list. 🚨 Mandiant (part of Google Cloud) is aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider. We recommend that the industry immediately…