The Philadelphia-based health system, Einstein Healthcare Network, is facing a class action lawsuit over an August 2020 phishing attack that resulted in multiple employee email accounts being accessed by an unauthorized individual. Einstein Healthcare is a non-profit health system that operates four hospitals – Einstein Medical Center Philadelphia, Elkins Park Hospital, MossRehab in Elkins Park,… Read More »
An unauthorized individual gained access to the email account of an employee of River Springs Health Plans and installed malware which potentially allowed the contents of the email account to be exfiltrated. The employee responded to the phishing email on September 14, 2020. The malware was detected and removed the following day and the email… Read More »
The Wyoming Department of Health (WDH) has discovered the protected health information of 164,021 individuals has been accidentally exposed online due to an error by a member of its workforce. On March 10, 2021, WDH discovered an employee had uploaded files containing medical test result data to private and public repositories on the software development platform… Read More »
The increase in ransomware attacks in 2020 has continued in 2021 with healthcare one of the most targeted industries, according to the latest Coveware Quarterly Ransomware Report. Healthcare ransomware attacks accounted for 11.6% of all attacks in Q1, 2021, on a par with attacks on the public sector and second only to attacks on firms… Read More »
A joint cybersecurity advisory has been issued by the Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) about ongoing cyber operations by the Russian Foreign Intelligence Service (SVR). The advisory provides further information on the tactics, techniques, and procedures (TTPs) used by SVR hackers to… Read More »
The protected health information of 153,013 individuals has potentially been compromised in an email security breach at HME Specialists LLC, dba Home Medical Equipment Holdco. HME Specialists discovered suspicious activity in its email system and immediately secured all affected accounts and engaged a specialist cybersecurity company to conduct a forensic investigation to determine the extent… Read More »
The Swedish oncology and radiology system provider Elekta is recovering from a cyberattack that forced it to take its first-generation cloud-based storage system offline on April 20, 2021. While the company has confirmed it has suffered a security breach, details about the exact nature of the attack have yet to be released. It is unclear… Read More »
The Michigan-based group health plan broker and consultancy firm Manquen Vance – formerly Cornerstone Municipal Advisory Group – is alerting 7,018 individuals about a potential breach of their personal and health information. An investigation was launched on November 16, 2020 when the firm identified suspicious activity in the email account of an employee. Manquen Vance… Read More »
In response to the growing threat from ransomware attacks, the U.S Department of Justice has launched a new Ransomware and Digital Extortion Task Force that will target the entire ransomware ecosystem as a whole. The aim is not only to bring the individuals conducting the attacks to justice, but also any individuals who assist attackers,… Read More »
Three zero-day vulnerabilities have been identified in SonicWall Email Security products that are being actively exploited in the wild by at least one threat actor. The vulnerabilities can be chained to gain administrative access to enterprise networks and achieve code execution. SonicWall Email Security solutions are deployed as a physical appliance, virtual appliance, software installation,… Read More »