Health Care | SC Media

Health Care

GandCrab ransomware strikes Doctors’ Management Services

Doctors’ Management Services (DMS) was struck with GandCrab ransomware on Christmas Eve last year, possibly exposing the PII of its clients’ patients. Timothy DiBona, CEO of the Massachusetts-based medical billing and services firm, said in a statement that the attack was first noticed on Dec. 24, 2018 when DMS’s files became encrypted with what was…

EmCare data breach exposes 60,000 employees, patients

EmCare Inc. suffered a data breach after several employee email accounts were accessed by an unauthorized entity, resulting in the compromise of up to 60,000 individuals’ information. The Dallas-based company, which provides physician services, said in a statement that it determined the hacked emails contained patients’, employees’ and contractors’ personal information. The exposed data included…

Thieves stole four unencrypted computers from an administrative building of the medical group.

Phishing attacker gains access to Baystate Medical Center patient records

Baystate Medical Center reportedly suffered a data breach possibly impacting 12,000 patients. The Springfield, Mass.-based hospital told patients that between Feb. 7 and March 7, 2018, several employee email accounts were compromised after a worker was victimized by a phishing scheme giving an unauthorized person access to their accounts. Baystate said the accounts were quickly…

Phishing scam stings Oregon Dept. of Human Services, compromises emails containing resident data

The Oregon Department of Human Services (DHS) was the victim of a phishing campaign earlier this year, resulting in a data breach that reportedly involves the records of up to 1.6 million state residents. According to a March 21 Oregon DHS press release, the incident took place last Jan. 8, when nine separate agency employees…

Critical OpenSSL vulnerability, 'Heartbleed Bug,' enables SSL/TLS decryption

Medtronic defibrillators vulnerable to attack

The Department of Homeland Security is warning users of Medtronic defibrillators of two vulnerabilities that could lead to an attacker accessing and altering the device. The warning, which was issued through the DHS Cybersecurity and Infrastructure Security Agency, covers two vulnerabilities, CVE-2019-6538 and CVE-2019-6540. A complete list of the models affected can be found here.…

Healthcare sector's broad data sets will attract increased attacks in 2015

More healthcare facilities affected by Wolverine Solutions Group data breach come forward

Hundreds healthcare facilities and more than one million patients had their information compromised when their shared third-party vendor Wolverine Solutions Group (WSG) suffered a ransomware attack in September 2018. WSG, which handles billing and mailing services for the healthcare organizations, said its files were encrypted on Sept. 25, 2018 by a ransomware attack. The decryption…

Rush University Medical Center data breach, 45,000 patients affected

About 45,000 Rush University Medical Center patients had their data exposed when a third-party employee mistakenly exposed a file containing the data to an unauthorized individual. The Chicago hospital said the data breach most likely happened in May 2018 when a worker at the hospital system’s billing processing vendors disclosed a file containing the patient…

Hospital

Breach could impact roughly 326,000 UConn Health patients

An unauthorized party accessed the email accounts of several UConn Health employees last Christmas Eve, in a data breach that reportedly may affect up to roughly 326,000 patients. In an online disclosure, the Connecticut-based academic medical center revealed that the breached data includes, names, dates of birth, addresses and “limited medical information such as billing…

Heart attack: Ransomware encrypts Australian cardiac clinic’s patient files

Employees of Melbourne Heart Group in Malvern, Australia, have been unable to access patients’ medical records following a January ransomware attack that encrypted the health care provider’s files. The cardiology clinic disclosed the incident today on its website’s home page. “We have been assured that no patient’s privacy has been compromised in any way,” the…

Next post in Security News