Health Care News, Articles and Updates

ShopRite Kingston, N.Y. pharmacy customers data exposed

ShopRite supermarket customers who patronized the chain's store in Kingston, N.Y. may have had their payment card and some health information compromised when the store improperly discarded an electronic signature device used in the store's pharmacy.

128,000 Arkansas Oral & Facial Surgery Center patients compromised

In late July the Arkansas Oral & Facial Surgery Center was hit with a ransomware attack that not only locked up patient records, but may have also exposed their personal information.

WannaCry and Hollywood hospital ransomware attacks crossed a line for some cybercriminals

The ransomware infection that disrupted Hollywood Presbyterian Medical Center and the worldwide WannaCry attack in 2017 caused an ethical and philosophical rift among members of the Russian and Eastern European cybercriminal community.

Houston man sentenced to 27 months for hospital hack

A Houston man was sentenced to 27 months in prison for hacking into the Centerville Clinic computer system, disabling all administrative controls and using the health care facilities credit card to make purchases at Staples.

Medfusion 4000 Wireless Syringe Infusion Pump can be exploited to compromise operations

Until a new version of Smiths Medical's Medfusion 4000 Wireless Syringe Infusion Pump is issued in January 2018, its operators should be wary of eight vulnerabilities that can be remotely exploited to gain access to the device and compromise its functionality.

19,000 Medical Oncology Hematology Consultants, PA records exposed in ransomware attack

More than 19,000 patient records were exposed during a ransomware attack on Medical Oncology Hematology Consultants, PA that took place in June.

Silver Cross Hospital vendor exposes information on 9,000 patients

Almost 9,000 patients of Silver Cross hospital, outside of Chicago, possibly had their data exposed due to an error made by a third-party vendor.

Abbott Laboratories securing vulnerable pacemakers with firmware and software updates

Healthcare product manufacturer Abbott Laboratories is updating the firmware and software in its line of implantable pacemakers to shore up a security vulnerability that could lead to unauthorized access.

Flaws in web-based radiological solution could allow attackers to see right through database

A web-based reporting tool that tracks radiation doses delivered by X-ray machines and related devices contains vulnerabilities that could impact patient confidentiality, system integrity, or system availability, Dutch tech company Philips reported.

Almost 5,000 The Daniel Drake Center for Post-Acute Care patient records exposed

The Daniel Drake Center (DDC) for Post-Acute Care, which is part of the University of California's health system, reported patient information was accessed and viewed by an unauthorized employee over a two-year period.

Staffing agency employee allegedly distributes patient information illegally

The Detroit Medical Center (DMC) has alerted more than 1,500 of a data breach caused by an employee who shared personal information with unauthorized individuals.

5,300 University of Iowa Health Care records exposed for two years

Thousands of University of Iowa Health Care (UIHC) patients had some of their private information inadvertently posted for more than two years on a web application development site.

Indiana Medicaid patient information exposed

Indiana Medicaid members may have had their personally identifiable information compromised when a third-party vendor mistakenly made public a link to the data.

UPDATED: Information-stealing malware found targeting Israeli hospitals

Researchers from Trend Micro have discovered a malware campaign seemingly targeting Israeli hospitals with highly obfuscated information-stealing malware that abuses LNK shortcut files.

2,000 Texas HHSC clients health data compromised

The Texas Health and Human Services Commission (HHSC) reported a data breach possibly affecting almost 2,000 people in the Houston area.

Botched security: Celebrities, other patients, affected after plastic surgery files are breached and stolen

Hackers on Tuesday publicly posted more than 25,000 files and private images stolen from a Lithuanian plastic surgery clinic after attempting to financially extort the medical facility and its clients.

WannaCry patches mistakenly knock Aussie hospitals offline

In a case of no good deed goes unpunished, five Australian hospitals accidently locked out staff access to the computer systems after installing patches designed to protect them from WannaCry ransomware.

All cried out? WannaCry ransomware victims strive to recover as researchers dig into attack

As the world returned to work on Monday, businesses continued to pick up the pieces following a historic cyberattack that crippled Windows machines across the globe with WanaCrypt0r 2.0 ransomware.

Report: Ontario mails health card forms containing personal info to wrong addresses

Ontario, Canada mistakenly exposed thousands of residents' personal information after printing the wrong addresses on individuals' health card renewal forms, causing them to be sent to strangers, according to the Ottawa Citizen.

Microsoft bug linked to spy campaigns, bank thefts reportedly took 6 months to fix

A zero-day bug in Microsoft Office and WordPad that hackers exploited to spy on targeted users, implant malware, and steal banking credentials took nine months to fix, according to news reports.

1.5 million records lost in March health care industry data breaches

A sharp spike in the number of health care data breaches was recorded in March with 39 incidents taking place compromising more than 1.5 million patient record.

Fancy Bear accused of stealing IAAF athlete data

Russian APT group Fancy Bear is believed to have struck again, this time compromising the medical data of more than 80 International IAAF athletes.

Breach compromises data of 9,000 Verity Health System patients

About 9,000 Verity Health patients had their personal data compromised after an unauthorized entry was discovered in the health system's network.

Sentara Healthcare notifies 5.4K of breach

The breach of a third party vendor resulted in Virginia-based Sentara Healthcare notifying more than 5,000 patients about their information being compromised.

3,600 patients affected by breach at the Children's Hospital Los Angeles

In mid-December a laptop belonging to a doctor working at the Children's Hospital Los Angeles and the Children's Hospital Los Angeles Medical Group was stolen.