Author Archives: Blog HIPAA

28% BEC Emails are Opened and 15% Get a Reply

Business Email Compromise scams are the biggest cause of losses to cybercrime. Over the past 5 years, more than $43 billion has been lost to the scams, according to the FBI’s Internet Crime Complaint Center (IC3). In its March 2022 report, the FBI said IC3 had received reports of $2.4 billion in losses to BEC… Read More »

RDP and Cloud Databases Most Common Targets of Threat Actors

Malicious actors used a variety of methods to gain initial access to victims’ networks but in 2022, cybercriminal groups appeared to focus on Remote Desktop Protocol and attacking cloud databases, according to cyber insurer Coalition. RDP is one of the most common ways that initial access brokers (IABs) and ransomware gangs gain access to victims’ networks… Read More »

98% of Organizations Use a Vendor That Had a Data Breach in the Past 2 Years

Healthcare organizations have been investing in cybersecurity to improve their defenses against increasingly numerous and sophisticated cyberattacks; however, while an organization’s security posture can be improved, it can only be as good as the weakest link. Cybercriminals are increasingly targeting the supply chain in their attacks, as these are usually the weakest links in the… Read More »

Hackers Compromised Sharp HealthCare Web Server and Stole Patient Data

Sharp HealthCare in San Diego has recently notified almost 63,000 patients that some of their personal and protected health information has potentially been stolen in a recent cyberattack on its web server. Sharp HealthCare detected the cyberattack on January 12, 2023, and immediately shut down the web server while the incident was investigated. A third-party… Read More »

Lawsuit Seeks Damages for GoodRx Users for Invasion of Privacy

Last week, the Federal Trade Commission (FTC) announced its first-ever financial penalty for a violation of the FTC Health Breach Notification Rule. GoodRx was alleged to have failed to issue notification letters to customers whose PHI was disclosed to third parties such as Google and Facebook via tracking technologies on its website and mobile app.… Read More »

Regal Medical Group Ransomware Attack & Southeast Colorado Hospital District Email Breach

Regal Medical Group, a San Bernardino, CA-based affiliate of the Heritage Provider Network, recently announced that it was attacked with ransomware. On December 2, 2022, employees experienced difficulty accessing data. Third-party cybersecurity experts were engaged to investigate the attack and assist with the breach response and confirmed that malware had been used to encrypt files… Read More »

Highmark Health Phishing Attack Affects 300,000 Patients

Pittsburg, PA-based Highmark Health, the second largest integrated delivery and financing system in the U.S., has recently announced that an unauthorized individual has accessed the email account of one of its employees following a response to a phishing email. After the employee clicked the link in the email and disclosed their credentials, the account was… Read More »