Businesses are appreciating the importance of cybersecurity and realizing that they need to invest more heavily in cybersecurity as threats are evolving at such a rapid pace. The challenge for businesses is ensuring that their defenses allow them to stay one step ahead of cybercriminals, but the frequency at which data breaches are being reported… Read More »
The Secretary of the Department of Health and Human Services, Xavier Becerra, is expected to extend the COVID-19 Public Health Emergency (PHE) today (October 13, 2022) for the 11th time. The COVID-19 PHE was first declared in January 2020 by then HHS Secretary, Alex Azar II, with the last extension issued by Becerra on July… Read More »
A major data breach has occurred at the management company of multiple providers of anesthesia services to hospitals. According to a media breach notice from one of the affected providers, Anesthesia Associates of El Paso, the data breach occurred at its unnamed management company on July 15, 2022. Unauthorized individuals gained access to the IT… Read More »
On October 3, 2022, CommonSpirit Health experienced a data security incident that forced it to take systems offline, including its electronic medical record (EHR) and other critical IT systems. These steps were taken to protect systems from damage, contain the breach, and prevent unauthorized access to sensitive data. CommonSpirit Health issued a statement on October… Read More »
Ransomware attacks continue to plague the healthcare industry. The attacks disrupt operations due to essential IT systems being taken offline, the lack of access to electronic health records causes patient safety issues, and it is common for emergency patients to be redirected to other facilities immediately after attacks and for appointments to be postponed. Recently,… Read More »
United Health Centers of the San Joaquin Valley (UNC) has proposed a settlement to resolve a class action lawsuit filed on behalf of patients affected by its August 2021 Vice Society ransomware attack. The attack in question saw the ransomware actors gain access to its network and exfiltrate files that contained patient information such as… Read More »
Pennsylvania-based Aesthetic Dermatology Associates has recently confirmed that its network has been accessed by unauthorized individuals who potentially viewed and/or acquired files containing the personal and protected health information of 33,793 current and former patients. The cyberattack was detected on August 15, 2022, when suspicious activity was detected within its network. An investigation was launched… Read More »
Cardiac Imaging Associates in Los Angeles, CA, has discovered an unauthorized individual has accessed an employee’s email account. The incident was detected in April 2022, and immediate action was taken to secure its email environment to prevent further unauthorized access. The forensic investigation confirmed the incident was confined to a single employee email account, which… Read More »
A former physician with practices in New Jersey, New York, and Florida has pleaded guilty to criminal violations of HIPAA for disclosing patients’ protected health information to a sales representative of a pharmaceutical firm, according to the U.S. Attorney’s Office of the District of New Jersey. The Frank Alario, 65, of Delray Beach, Florida, pleaded… Read More »
It has become increasingly common for threat actors to use living-off-the-land techniques for conducting reconnaissance, privilege escalation, persistence, and moving laterally within networks undetected. The same software and security tools used by network administrators and red team professionals for legitimate purposes are abused and used to conduct attacks on victims’ infrastructure. Threat actors leverage software… Read More »