In what may be the largest health data breach reported so far in 2023, a government contractor affected by the MOVEit breach disclosed the breach in an SEC filing. ANS reports: Maximus, a US government services contracting company, has confirmed that hackers exploited a vulnerability in MOVEit Transfer to access the protected health information of…
Search Results for: HCA
BlackCat adds a community behavioral health center in Alabama to its leak site (UPDATED)
AlphV (aka BlackCat) threat actors have added Highland Health Systems in Alabama to their leak site. As proof of claims, they have leaked a number of files with employee and patient data or information, including part of a psychiatric intake form with a narrative from 2008. Other files are more current. Highland Health Systems is…
Why gay furry hackers are leaking state government documents
Hacktivism is still a thing, of course, perhaps even more so these days with all the political conflicts in within and between countries and religions. If you’ve been wondering about a group describing themselves as “gay, furry hackers,” Sofia Mahirova has a write-up about them: Earlier this month, SiegedSec, the group of self-described “gay and…
Onix Group Faces 3 Lawsuits in Addiction Center Breach
On May 27, DataBreaches reported on two breaches that had been disclosed on the Friday before a holiday weekend. One of the two was a breach reported by Onix Group in Pennsylvania. As DataBreaches reported at the time: Their notice was provided on their own behalf and on behalf of Addiction Recovery Systems, Cadia Healthcare,…
Au: Atherfield Medical & Skin Cancer Clinic victim of cyberattack by Cyclops
Australia has experienced a number of significant cyberattacks on healthcare entities in the past few years. Now a relatively new ransomware group, Cyclops, claims to have attacked Atherfield Medical & Skin Cancer Clinic in Australia: In Cyclops’ listing (above), there is a date of June 29, which appears to be the date they uploaded…
CISA issues warning for cardiac device system vulnerability
Jonathan Greig reports: The Cybersecurity and Infrastructure Security Agency (CISA) warned of a severe vulnerability in a cardiac device from medical device company Medtronic. The issue – tracked as CVE-2023-31222 – carries a “critical” CVSS score of 9.8 out of 10 and affects the company’s Paceart Optima software that runs on a healthcare organization’s Windows server. Medtronic said…