Health Care | SC Media Health Care

Health Care

Hospital

Breach of email accounts impacts 50,000 patients of Minnesota hospital

Minnesota-based hospital operator Alomere Health this month began notifying patients of a data breach affecting 49,351 individuals, after a malicious actor gained access to two employee email accounts in late October and early November. The first incident took place between Oct. 31 and Nov. 1, 2019, while the second account hijacking happened days later on…

Hospital

Epilepsy Foundation files complaint, seeks investigation on Twitter attacks

The Epilepsy Foundation has filed a formal criminal complaint over a series of attacks that transpired on its Twitter feed in November when someone apparently tried to trigger seizures by showing flashing and strobing lights. The attackers used the Foundation’s Twitter handle and hashtags to post GIFs and videos containing flashing lights and strobing effects,…

Dread Zeppelin: Ransomware targets health care and IT sectors in U.S., Europe

Cybercriminals have spun off a ransomware that was originally known to target Russian organizations into a new malicious encryptor used in targeted campaigns against strategically selected health care and IT companies in America and Europe. Dubbed Zeppelin, the new ransomware is a descendant of VegaLocker, a Delphi-based Ransomware-as-a-Service (RaaS) offering that was discovered in early…

Report: Dental practices feel the pain of ransomware attack on IT provider

More than 100 dentist offices have reportedly been affected by a recent Sodinokibi ransomware attack on a Colorado-based company that provides IT services to the oral-care practices. Security expert Brian Krebs reported this past weekend via his blog post that Englewood, Colo.-based Complete Technology Solutions (CTS), was attacked back on Nov. 25, apparently via a compromised remote…

Ransomware attack on nursing homes’ services provider threatens lives

Cybercriminals are reportedly demanding a $14 million extortion payment after using Ryuk ransomware to infect Virtual Care Provider Inc. (VCPI), a company that provides IT consulting and cloud-based data hosting and security services to roughly 110 nursing home operations around the U.S. The Nov. 17 attack took place at 1:30 a.m. local time, encrypting the…

The fairly convincing phishing scam is being hosted on a compromised EA Games server.

Threat actor impersonates German, Italian and American gov’t agencies to spread malware

Since October, a threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organizations with various forms of malware, including the Cobalt Strike backdoor, Maze ransomware and the IcedID banking trojan. Business and IT services, manufacturing companies, and healthcare organizations make up a large share of the targets…

Open database exposes 93K files on patients of substance abuse facilities

A misconfigured AWS s3 storage bucket reportedly exposed roughly 93,000 billing files that contain information on patients of three drug and alcohol addiction facilities operated by San Juan Capistrano, California-based Sunshine Behavioral Health, LLC. Patients at SBH’s Monarch Shores location in San Juan Capistrano; Chapters Capistrano facility in San Clemente, Calif.; and Willow Springs Recovery…

Arkansas AG reiterates need to report medical data breaches

Arkansas Attorney General (AG) Leslie Rutledge has advised the state’s medical practitioners of their responsibilities regarding when to report a data breach under the federal state’s Personal Information Protection Act (PIPA). Meanwhile, in neighboring Tennessee the state-run medical service TennCare reported that 43,847 members had their information exposed in a data breach that took place…

Next post in Data Breach