The Affordacare Urgent Care Clinic, a network of medical providers based in Texas, has officially confirmed a combination data breach-ransomware attack that exposed sensitive information. The company is claiming that social security numbers were not impacted in the incident, despite security experts having demonstrated that the attackers have published stolen documents containing patients’ and employees’…
The cybercriminal gang behind Maze ransomware has been extorting a UK-based clinical research organization that’s been preparing to play a potential role in testing vaccine candidates for the novel coronavirus, despite assurances that they would not harm any health care organizations during the COVID-19 crisis. SC Media first reported an attack on the medical center,…
LabCorp has confirmed that its internal system was accessed by an unauthorized person but would not give any further details pertaining to the number of people or types of data possibly affected. In a statement to SC Media, LabCorp said it has determined that an internal company system used by its Integrated Oncology business was…
U.K.-based medical technology company Tissue Regenix acknowledged on Tuesday that it took its systems offline after an unauthorized party accessed them and those of its U.S.-based third-party IT service provider. According to a report from Reuters, the Leeds-based company said the shutdown will negatively impact its ability to manufacture products at its U.S. facility in…
The DHS Cybersecurity and Infrastructure Security Agency has issued a warning of six critical-rated vulnerabilities in several GE medical monitoring devices. Advisory ICSMA-20-023-01 covers the GE CARESCAPE Telemetry Server, ApexPro Telemetry Server, CARESCAPE Central Station (CSCS) and Clinical Information Center (CIC) systems, CARESCAPE B450, B650, B850 monitors. The vulnerabilities include unprotected storage of credentials, improper…
A misconfigured Amazon Web Services S3 storage bucket was discovered leaking data that had been collected by a point-of-sale system used by multiple cannabis dispensaries, researchers from vpnMentor reported on Wednesday. The exposed bucket, which was found on Christmas eve and closed by Jan. 14, was found to contain more than 85,000 files. These included…
Minnesota-based hospital operator Alomere Health this month began notifying patients of a data breach affecting 49,351 individuals, after a malicious actor gained access to two employee email accounts in late October and early November. The first incident took place between Oct. 31 and Nov. 1, 2019, while the second account hijacking happened days later on…
Cybercriminals have spun off a ransomware that was originally known to target Russian organizations into a new malicious encryptor used in targeted campaigns against strategically selected health care and IT companies in America and Europe. Dubbed Zeppelin, the new ransomware is a descendant of VegaLocker, a Delphi-based Ransomware-as-a-Service (RaaS) offering that was discovered in early…
More than 100 dentist offices have reportedly been affected by a recent Sodinokibi ransomware attack on a Colorado-based company that provides IT services to the oral-care practices. Security expert Brian Krebs reported this past weekend via his blog post that Englewood, Colo.-based Complete Technology Solutions (CTS), was attacked back on Nov. 25, apparently via a compromised remote…
Cybercriminals are reportedly demanding a $14 million extortion payment after using Ryuk ransomware to infect Virtual Care Provider Inc. (VCPI), a company that provides IT consulting and cloud-based data hosting and security services to roughly 110 nursing home operations around the U.S. The Nov. 17 attack took place at 1:30 a.m. local time, encrypting the…
