IT Security Incidents

During the Labor Day weekend, Oakbend Medical Center based in Richmond, TX, encountered a ransomware attack, which began on September 1, 2022, resulting in the encryption of files in its network. The IT team of … Read more

The number of persons impacted by the ransomware attack on OneTouchPoint, the mailing and printing vendor based in Hartland, WI, has now grown to 2,651,396 people. One of the most recent companies to confirm being … Read more

Independent Case Management (ICM) based in Little Rock, AR, a provider offering home and community-based assistance for persons with mental and developmental handicaps, recently informed 3,307 persons about the potential theft of some of their … Read more

St. Luke’s Health System based in Boise, ID, has just submitted a data breach report to the HHS’ Office for Civil Rights that affected 31,579 patients. The breach happened in May 2022 at Kaye-Smith, which … Read more

The U.S Department of Justice made an announcement that it seized approximately $500,000 in Bitcoin from North Korean threat actors that used the Maui ransomware to attack healthcare companies in the U.S.A. The Cybersecurity and … Read more

On June 25, 2022, a representative of a threat group known as DAIXIN Team shared details with regards to a ransomware attack and information theft incident that occurred at Fitzgibbon Hospital located in Marshall, Missouri. … Read more

An IT specialist who worked as a service provider at a suburban healthcare organization in Chicago has been accused of illegally acquiring access to the firm’s network and deliberately causing ruin to a protected PC. … Read more

Social Action Community Health System (SAC Health) has lately advised 149,940 patients regarding the theft of documents that contain their protected health information (PHI) in a break-in at an off-site storage place that keep patient … Read more

McKenzie Health System in Sandusky, MI, has just begun informing 25,318 individuals regarding the theft of some of their protected health information (PHI) due to a recent security incident that interrupted the operations of a … Read more

The Federal Bureau of Investigation (FBI) has released a public service statement cautioning about the risk of Business Email Compromise/Email Account Compromise (BEC/EAC) frauds. The number of attacks documented by the FBI Internet Crime Complaint … Read more

La Casa de Salud, New York The human services organization Acacia Network based in New York City has lately informed the HHS’ Office for Civil Rights regarding an email account breach that was discovered on … Read more

South Denver Cardiology Associates (SDCA) has recently reported that it experienced a cyberattack in January 2022 that led to the access and possible theft of files that contain patient data by attackers. Strange network activity … Read more

DataHealth DataHEALTH, the cloud hosting and data storage company based in Austin, TX, has announced a ransomware attack on November 3, 2021. Immediate action was undertaken to manage the incident and a third-party cybersecurity agency … Read more

Logan Health Medical Center located in Kalispell, MT has recently commenced informing a number of patients that hackers obtained access to a file server that contained patient files in a highly sophisticated criminal attack. The … Read more

Phishing attacks make it possible for threat actors to get credentials, but with multi-factor authentication (MFA), it is tougher for phishing attacks to become successful. With MFA activated, aside from a username and password, an … Read more

The University of Arkansas for Medical Sciences and Sacramento County recently reported email-related breaches of protected health information (PHI). HIPAA Violation by an Employee of the University of Arkansas for Medical Sciences (UAMS) The University … Read more

Data of Millennium Eye Care Patients Stolen by Ransomware Gang A provider of ophthalmology services in Freehold, NJ, Millennium Eye Care, reported on December 22, 2021, that attackers lately obtained access to its computer system … Read more

An attacker acquired access to BioPlus Specialty Pharmacy Services, an IT network located in Altamonte Springs, FL. Files containing sensitive patient data were accessed by the attacker. The pharmacy discovered the attack on November 11, … Read more

On July 11, 2021, the Oregon Anesthesiology Group learned that it suffered a ransomware attack that allowed the encrypting of files on its systems and obstructed the use of its servers and patient information. Subsequent … Read more

Three healthcare providers have reported data breaches that affected the email accounts of employees. The occurrences potentially resulted in the exposure and likely theft of the protected health information (PHI) of around 40,000 people. Region … Read more

Medigate and CrowdStrike performed new research which presented the degree to which hackers are attacking healthcare Internet of Things (IoT) devices and alerts about the disturbing status of IoT security in the medical care sector. … Read more

Victory Health Partners Alerts Patients Concerning September 2021 Ransomware Attack Victory Health Partners based in Mobile, AL has informed patients concerning a ransomware attack it detected on September 23, 2021. Before the attackers encrypted the … Read more

University Hospital Newark (NY) has found out that a former worker had accessed the protected health information(PHI) of thousands of patients without authorization over the duration of a year. That information was later disclosed to … Read more

The non-profit behavioral health service provider Directions for Living based in Clearwater, FL experienced a ransomware attack last July 17, 2021. When Directions for Living found out about the attack, it let law enforcement and … Read more

The Alaska Department of Health and Social Services (DHSS) will commence sending notification letters to all people in the state informing them about the possible exposure of their personal and health data due to a … Read more

Population health management firm CareATC based in Tulsa, OK, has learned that unauthorized people have accessed the email accounts of two workers and possibly acquired access to the personal data of patients and workers. CareATC … Read more

SonicWall publicized a Cyber Threat Report update last July, which affirmed a significant rise in cyberattacks beginning 2020. From January to June of 2021, cryptojacking attacks went up by 23%, encrypted threats went up by … Read more

UNM Health found out that an unauthorized third party acquired access to its system and possibly viewed and copied files from that included patients’ protected health information (PHI). The healthcare provider discovered the security incident … Read more

Academic HealthPlans, Inc. (AHP) learned that an unauthorized person has obtained access to the email accounts of two workers after they responded to phishing emails. AHP was informed of a potential breach upon detecting suspicious … Read more

Three more healthcare providers reported that they were affected by the latest ransomware attack on Elekta Inc, the Swedish radiation therapy and radiosurgery provider. Elekta offers a web-based mobile software referred to as SmartClinic, which … Read more

Kaseya has reported a security update published for the Kaseya KSA remote management and tracking software program to resolve the zero-day vulnerabilities, which the REvil ransomware gang fairly recently exploited in attacks on its customers … Read more

The Cybersecurity and Infrastructure Security Agency (CISA) has given a notification after a proof of concept (PoC) exploit had been published for a zero-day vulnerability identified in the Windows Print Spooler service. The vulnerability was … Read more

Arizona Asthma and Allergy Institute sent breach notification letters to 70,372 patients who obtained services between October 1, 2015 and June 15, 2020. As per the breach notice, a selection of their personal data and … Read more

Urgent care center operator Lafourche Medical Group located in Louisiana has informed 34,862 patients regarding a security breach that likely impacted their protected health information (PHI). Lafourche Medical Group discovered on March 30, 2021 that … Read more

Health Plan of San Joaquin (HPSJ), which is a not-for-profit service provider of Medi-Cal managed care based in French Camp, CA, learned that an unauthorized individual has obtained access to its email system and likely … Read more

On May 13, 2021, President Biden signed a comprehensive Executive Order that seeks to appreciably strengthen cybersecurity protections for federal systems, enhance threat information sharing between the private sector, the government, and law enforcement, and … Read more

CareFirst BlueCross BlueShield Community Health Plan District of Columbia (CHPDC) is notifying its members with regards to a cyberattack that resulted in the theft of their protected health information (PHI). CHPDC, previously known as Trusted … Read more

A number of healthcare companies have lately affirmed they were impacted by the Accellion cyberattack last December 2020. The attack was connected to the Clop ransomware gang since its leak website had published parts of … Read more

The Department of State Hospitals (DSH) in California has learned a worker obtained access to the protected health information (PHI) of 1,415 present/former patients and 617 personnel without consent. The employee had an Information Technology … Read more

Due to a phishing attack encountered by Saint Alphonsus Health System based in Boise, ID, the information of its patients was potentially compromised, including the data of patients of Saint Agnes Medical Center located in … Read more

The personally identifiable health information of a huge number of people is being compromised by means of the Application Programming Interfaces (APIs) employed by mobile health (mHealth) apps, reported by a current study shared by … Read more

The County Manager’s Office of Ramsey County, MN has begun informing 8,700 customers of its Family Health Division regarding the potential access of some of their personal data by unauthorized persons brought about by a … Read more

Ransomware attacks in 2020 had a huge impact on companies and organizations in America. Ransomware gangs targeted the healthcare and education sectors, the federal, state, and municipal governments and departments. These sectors had no less … Read more

A huge campaign distributing the Dofoil Trojan has been discovered by Microsoft. The campaign has already witnessed almost half a million PCs infected with the malware in less than 12 hours. The Dofoil Trojan is … Read more

A ransomware attack at Campbell County Health has disrupted hospital services and left the organization unable to access patient information.  Campbell County Health, based in Gillette, Wyoming, stated that the ransomware attack began at 3:30 … Read more

East Central Indiana School Trust (ECIST) is notifying more than 3,200 individuals that a phishing attack may have compromised their protected health information (PHI). On May 22, 2019, the organization noticed suspicious activity on an … Read more

NCH Healthcare System is preparing to notify patients that their protected health information may have been compromised in a phishing attack. On June 14, 2019, NCH Healthcare System, based in Bonita Springs, Florida, noticed suspicious … Read more

Western Connecticut Health Network is sending breach notification letters to patients whose protected health information (PHI) may have been exposed in a postal incidence.  On June 11, 2019, Western Connecticut Health Network (WCHN), now known … Read more

Hackers impersonating the US National Council of Examiners for Engineering and Surveying (NCEES) are targeting business in the US utility sector through a new phishing campaign.  Between July 19 and July 25 2019, the hackers … Read more

Perry County Medical Center, Inc. d/b/a Three Rivers Community Health Group, has announced that it is notifying patients following a phishing attack which saw patient data compromised.  Perry Country Medical Center, a health care centre … Read more