Category Archives: Latest Posts

Data Breach Impacts More Than One Dozen Anesthesia Providers

A major data breach has occurred at the management company of multiple providers of anesthesia services to hospitals. According to a media breach notice from one of the affected providers, Anesthesia Associates of El Paso, the data breach occurred at its unnamed management company on July 15, 2022. Unauthorized individuals gained access to the IT… Read More »

CommonSpirit Health Confirms System Outages Caused by Ransomware Attack

On October 3, 2022, CommonSpirit Health experienced a data security incident that forced it to take systems offline, including its electronic medical record (EHR) and other critical IT systems. These steps were taken to protect systems from damage, contain the breach, and prevent unauthorized access to sensitive data. CommonSpirit Health issued a statement on October… Read More »

25% of Healthcare Organizations Said a Ransomware Attack Forced Them to Completely Halt Operations

Ransomware attacks continue to plague the healthcare industry. The attacks disrupt operations due to essential IT systems being taken offline, the lack of access to electronic health records causes patient safety issues, and it is common for emergency patients to be redirected to other facilities immediately after attacks and for appointments to be postponed. Recently,… Read More »

34K-Record Data Breach Reported by Aesthetic Dermatology Associates

Pennsylvania-based Aesthetic Dermatology Associates has recently confirmed that its network has been accessed by unauthorized individuals who potentially viewed and/or acquired files containing the personal and protected health information of 33,793 current and former patients. The cyberattack was detected on August 15, 2022, when suspicious activity was detected within its network. An investigation was launched… Read More »

Email Breaches Reported by Cardiac Imaging Associates & Centerstone of Tennessee

Cardiac Imaging Associates in Los Angeles, CA, has discovered an unauthorized individual has accessed an employee’s email account. The incident was detected in April 2022, and immediate action was taken to secure its email environment to prevent further unauthorized access. The forensic investigation confirmed the incident was confined to a single employee email account, which… Read More »

HHS Warns HPH Sector About Abuse of Legitimate Software and Security Tools by Threat Actors

It has become increasingly common for threat actors to use living-off-the-land techniques for conducting reconnaissance, privilege escalation, persistence, and moving laterally within networks undetected. The same software and security tools used by network administrators and red team professionals for legitimate purposes are abused and used to conduct attacks on victims’ infrastructure. Threat actors leverage software… Read More »