The University of Utah has experienced a phishing attack that has potentially involved the protected health information of up to 10,000 patients. This is the 4th data breach to be reported to the Department of Health and Human Services by the University of Utah in 2020. All four incidents are listed as hacking/IT incidents involving… Read More »
The FBI’s Cyber Division has issued two recent cybersecurity alerts, the first following an increase in destructive Distributed Denial of Service (DDoS) on U.S. companies and the second concerns the risk of malware infections when installing Chinese tax software. Increase in Destructive DDoS Attacks on US Networks Cybercriminals have been exploiting new built-in network protocols… Read More »
The sharp drop in healthcare data breaches seen in May proved to be short lived, with June seeing a major increase in data breaches. In June, 52 breaches were reported by HIPAA covered entities and business associates. That represents an 85.71% month-over-month increase in reported breaches. The number of individuals impacted by healthcare data breaches… Read More »
The HHS’ Office for Civil Rights (OCR) has announced a $25,000 settlement has been reached with Metropolitan Community Health Services to resolve violations of the HIPAA Security Rule. Washington, NC-based Metropolitan Community Health Services is a Federally Qualified Health Center that provides integrated medical, dental, behavioral health & pharmacy services for adults and children. Operating… Read More »
The biomedical community is working hard to develop vaccines against SARS-CoV-2 and discover new treatments for COVID-19 and nation-state hackers and cybercriminal organizations are targeting those organizations to gain access to their research data. Recently, security agencies in the United States, Canada, and the United Kingdom issued alerts about state-sponsored Russian hackers targeting organizations involved… Read More »
A lawsuit filed against Sarrell Regional Dental Center for Public Health Inc. over a July 2019 ransomware attack has been dismissed by a Federal judge due to a lack of standing. Sarrell was able to recover from the attack and restore its computer systems and data without paying the ransom, although the dental center was… Read More »
Two Chinese nationals have been indicted by the U.S. Department of Justice (DOJ) for targeting and hacking US companies, government agencies, and others to steal sensitive information, including COVID-19 research data. The hackers are alleged to have been working under the direction of the Chinese government and also hacking organizations for personal financial gain. LI… Read More »
The Emotet botnet has been reactivated after a 5-month period of dormancy and is being used to send large volumes of spam emails to organizations in the United States and United Kingdom. The Emotet botnet is a network of compromised computers that have been infected with Emotet malware. Emotet malware is an information stealer and… Read More »
Ellicott City, MD-based Lorien Health Services, which runs 9 assisted living facilities in Maryland, has announced it was the victim of a ransomware attack on June 6, 2020. Third party cybersecurity experts were retained to assist with the investigation and determine whether patient information had been accessed by the attackers. On June 10, 2020, it… Read More »
The Pennsylvania physician-owned radiology practice, Quantum Imaging and Therapeutic Associates, has announced that reports have been received about a non-physician employee who allegedly shared an x-ray of a male patient’s genitalia with members of a Facebook group. The sharing of medical images on social media networks, without patient consent, is a violation of patient privacy… Read More »