June 27, 2024 at 10:04AM Healthcare revenue cycle management services provider Designed Receivable Solutions (DRS) reported an increase in the number of individuals affected by a recent data breach to 585,000. The compromised information includes sensitive personal and health data. DRS is notifying individuals and offering identity protection services at no cost for 12 months. … Read more
May 28, 2024 at 07:03AM Australian digital prescription services provider MediSecure experienced a recent ransomware attack, leading to the theft of patients’ and healthcare providers’ personal and health information. The stolen data, including names, addresses, prescription details, and more, is reportedly being offered for sale on the dark web. Australian authorities are investigating the incident. … Read more
May 21, 2024 at 07:21AM CISA added a flaw in NextGen Healthcare’s Mirth Connect product, a widely used healthcare interface engine, to its KEV catalog. Tracked as CVE-2023-43208, the flaw can lead to unauthenticated remote code execution. A patch was released with Mirth Connect version 4.4.1. Microsoft reported ransomware attacks exploiting this and another flaw. … Read more
May 21, 2024 at 03:57AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw in NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities catalog. The flaw allows for unauthenticated remote code execution due to insecure usage of Java XStream library. Federal agencies are required to update to patched versions by June … Read more
May 13, 2024 at 07:36AM The Black Basta ransomware group has targeted over 500 organizations globally, impacting critical infrastructure in North America, Europe, and Australia. Operating under a Ransomware-as-a-Service (RaaS) model, the group has earned over $100 million in ransom payments. Cyber-attacks are conducted through phishing, exploiting vulnerabilities, and deploying ransomware. Mitigations are recommended by … Read more
May 8, 2024 at 10:01AM Blackwell Security, specializing in healthcare cybersecurity, raised $13 million led by General Catalyst and Rally Ventures. The funds will expand its Managed Healthcare Extended Detection and Response solution and US market offerings. The company’s MHXDR platform uses various security technologies and offers MDR, consulting, and advisory services, with Geyer Jones … Read more
April 15, 2024 at 05:55PM RansomHub gang leaks claims of stolen corporate and patient data from Change Healthcare after cyberattack. Previously linked to BlackCat/ALPHV ransomware operation, the gang threatened to release data unless a deal is reached. Screenshots of files show data-sharing agreements and patient information. Deadline set for payment of extortion demand or data … Read more
April 8, 2024 at 09:03AM Change Healthcare is reportedly facing a second ransomware attack by RansomHub, demanding a payment to avoid data exposure. This follows a previous attack by ALPHV, which the company allegedly paid $22 million to. Questions arise regarding why this has happened and theories suggest the initial payment may have led to … Read more
April 1, 2024 at 10:52AM Harvard Pilgrim’s healthcare biz discloses a data breach affecting 2.9 million individuals. Personal data, including clinical information, was compromised. Credit monitoring and identity protection services are offered. Cisco faced critical vulnerabilities with potential denial of service attacks. A decade-old worm, TheMoon, resurfaces targeting end-of-life routers and IoT devices. Sellafield Ltd … Read more
March 18, 2024 at 11:03PM UnitedHealth is in the process of restoring systems following a cyberattack by ransomware group ALPHV. The company has largely restored pharmacy claims and payment processing systems, and is now testing software for medical claims submission. The attack disrupted the healthcare system, prompting federal investigators to assess potential exposure of protected … Read more