The October 2022 ransomware attack on CommonSpirit Health has cost the health system more than $150 million to date according to its recent quarterly filing, and the costs are continuing to increase as the investigation into the attack and data breach are ongoing. CommonSpirit Health is also being sued over the ransomware attack. Multiple class… Read More »
The Nashville, TN-based health system, Advent Health Partners, has proposed a $500,000 settlement to resolve claims related to a September 2021 data breach involving the protected health information of 61,072 patients. Advent Health Partners detected a breach of its email environment in early September 2021. The investigation confirmed hackers had access to, and potentially stole,… Read More »
Two Louisiana health are being sued over the use of pixels on their websites, which allegedly captured and impermissibly disclose patient data to third parties such as Facebook and Instagram. New Orleans-based LCMC Health System operates 9 hospitals in Southern Louisiana and Shreveport-based Willis-Knighton Health System operates 5 hospitals in Northwestern Louisiana. Both health systems are… Read More »
The mobile pharmacy solution provider, mscripts, has recently announced that a misconfiguration of its cloud storage environment has exposed client data online for the past 6 years. The misconfiguration was detected and remediated on November 18, 2022, with the third-party forensics investigation confirming the cloud storage environment had been unsecured since September 30, 2016. A… Read More »
Rise Interactive Media & Analytics, LLC The Illinois-based digital marketing agency, Rise Interactive Media & Analytics, LLC, has recently confirmed that hackers gained access to its digital environment on November 14, 2022, and potentially accessed or exfiltrated the data of some of its clients. Rise Interactive has reported the breach to the Department of Health and… Read More »
Teijin Automotive Technologies Says Welfare Plan Data Compromised in December Ransomware Attack Teijin Automotive Technologies has recently confirmed the protected health information of 25,464 members of its welfare plan has potentially been accessed and stolen in a December 1, 2022, ransomware attack. Teijin Automotive Technologies has been transparent about the attack and its cause, confirming… Read More »
Security researchers have issued warnings following an increase in cyberattacks distributing a malware variant called GootLoader. GootLoader is a malware loader first identified in 2014 that is now one of the biggest malware threats. The threat group behind the campaign is highly capable and has been evolving its tactics and actively developing the malware to… Read More »
The Health Sector Cybersecurity Coordination Center (HC3) at the Department of Health and Human Services has issued a DDoS guide for the healthcare sector that includes information on the threat and recommended mitigations to limit the severity and impact of DDoS attacks. Distributed-Denial-of-Service (DDoS) attacks are a type of resource exhaustion flooding attack that involves… Read More »
The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. The attack was detected and blocked by Electromed on June 16, 2021, and the forensic investigation confirmed that files were accessed – and potentially… Read More »
Franklin, TN-based Community Health Systems has recently confirmed that it has been affected by a security incident at a cybersecurity firm that has seen unauthorized individuals gain access to the protected health information of up to 1 million patients. Community Health Systems is one of the largest health systems in the United States, and operates 79… Read More »