Utah-based health care practice Premier Family Medical was struck by ransomware last July 8 in a cyberattack that reportedly affected the records of roughly 320,000 patients. The medical provider, which operates 10 locations across Utah County, originally announced the incident publicly on Aug. 30, noting that the malware had restricted employees’ access to their systems…
The Department of Justice has indicted two Americans and a Nigerian on multiple charges for their alleged roles in a phishing scheme that targeted college employees, banks and other businesses from May 2013 through June 2014. Filed on Tuesday in U.S. District Court in New Mexico, the indictment identifies the defendants as Nigerian citizen Otuokere…
VxWorks, a real-time operating system (RTOS) that runs on more than 2 billion devices — many in industrial, health-care and enterprise environments — has been found to contain 11 vulnerabilities, six of which are critical flaws that enable remote code execution. Around 200 million devices are running the vulnerable versions of the RTOS, according to…
Premera Blue Cross has consented to pay $10 million as compensation for a nearly year-long data breach that impacted more than 10.4 million health patients, the Washington state’s Attorney General Bob Ferguson announced yesterday. More than half of those funds, roughly $5.4 million, will be allocated to Washington, and will be applied toward the enforcement…
Medical device manufacturer Medtronic plc took the unusual step of issuing a recall for several of its insulin pump products due to serious hacking concerns that were detailed in a pair of security alerts from the Food and Drug Administration (FDA) and ICS-CERT. The root cause of the scare is an improper access control vulnerability…
Personal information belonging to residents and employees of multiple assisted living facilities were potentially exposed in an April 2019 cyberattack that infected third-party software company Tenx Systems, LLC with ransomware. The Minneapolis-based company, which operates under the name ResiDex Software and provides software to assisted-living homes, group facilities and care-giving organizations for seniors and the…
Oregon’s Department of Human Services (DHS) is in the process of mailing notifications to roughly 645,000 of its reportedly 1.6 million clients, following a data breach incident last January that resulted from a phishing scam. When DHS first publicly disclosed the incident last March, it said the number of affected Oregonians exceeded 350,000, but it…
Multiple databases belonging to the Facebook ad agency xSocialMedia have been found open exposing almost 150,000 records containing a wide variety of medical information derived from marketing campaigns run for medical malpractice lawsuits. The files were found by vpnMentor on June 2, and which have since been secured. The exposed information was gathered through Facebook…
Medical tech company Becton, Dickinson and Company (BD) has advised users of its Alaris Gateway Workstation – a smart connectivity and integration solution for infusion pump devices – to update their firmware, following the discovery of a highly critical remote code execution vulnerability. CyberMDX researcher Elad Luz found that multiple versions of the workstation –…
A recent study sought out how the healthcare industry is dealing with the increasing number of cyberattacks targeting patient data found those charged with securing the data may have their priorities misplaced. Carbon Black surveyed 20 leading CISOs from the healthcare industry and found 83 percent of surveyed healthcare organizations said they’ve seen an increase…
