Change Healthcare finally spills the tea on what medical data was stolen by cyber-crew

June 21, 2024 at 05:43PM Change Healthcare has formally notified some pharmacy and hospital customers of a data breach by ransomware criminals in February. They are still identifying affected individuals and anticipate mailing letters to them in late July. The stolen information includes names, birth dates, phone numbers, and email addresses. The recovery process is … Read more

Change Healthcare lists the medical data stolen in ransomware attack

June 21, 2024 at 12:13PM UnitedHealth confirmed the exposure of a substantial quantity of medical and patient data in the Change Healthcare ransomware attack. The stolen data includes sensitive health and personal information of a large number of individuals. Notifications will be sent to affected individuals in July, with available resources for data protection and … Read more

Crooks get their hands on 500K+ radiology patients’ records in cyber-attack

June 20, 2024 at 05:56PM Consulting Radiologists recently suffered a cyberattack in which unauthorized parties accessed personal and medical information for 512,000 patients. The breached data included names, addresses, social security numbers, and medical records. The company is providing affected individuals with free credit monitoring and has employed cybersecurity assistance as part of its incident … Read more

LA County Dept. of Public Health Data Breach Impacts 200K

June 17, 2024 at 03:56PM The Los Angeles County Department of Public Health suffered a phishing attack on Feb. 19-20, leading to the compromise of 53 employees’ credentials and personal information of over 200,000 people. After disabling affected email accounts, the department launched an investigation and notified law enforcement. Potentially accessed sensitive information includes medical … Read more

Ascension Says Personal, Health Information Stolen in Ransomware Attack

June 14, 2024 at 10:27AM Ascension disclosed a ransomware attack compromising the personal and health information of unknown patients. The incident disrupted their electronic health record system, leading to patient diversions and an ongoing investigation. The attack exfiltrated files from seven servers, potentially containing PHI and PII. Ascension is offering free credit monitoring and identity … Read more

Ascension hacked after employee downloaded malicious file

June 13, 2024 at 05:57PM Ascension, a large U.S. healthcare system, disclosed that a ransomware attack in May 2024 was caused by an employee’s unintentional download of a malicious file. The attack affected patient records and led to offline devices. While investigation is ongoing, evidence shows stolen data may include Protected Health Information. The attack … Read more

Dangerous Liaisons: The Interaction Between Threat Actors and High-Risk Devices

June 11, 2024 at 08:03AM Forescout annually analyzes and presents risk scores for various devices based on configuration, behavior, and function. The score quantifies the risk of a dangerous liaison between threat actors and vulnerable devices. The report aims to increase awareness and prompt urgent attention to specific devices. It is based on fresh data … Read more

US senator claims UnitedHealth’s CEO, board appointed ‘unqualified’ CISO

May 31, 2024 at 05:34PM Senator Ron Wyden criticized UnitedHealth Group’s CEO for appointing an allegedly unqualified CISO, whom he believes contributed to the company’s recent ransomware attack. Wyden called for an investigation into the company’s failures, citing issues with its CISO’s background, lack of security measures, and a history of negligence. He urged the … Read more

2.8 Million Impacted by Data Breach at Prescription Services Firm Sav-Rx

May 28, 2024 at 07:03AM Pharmacy prescription services provider A&A Services, known as Sav-Rx, is notifying 2.8 million individuals of a cyberattack compromising personal information. Though patient care wasn’t disrupted, non-clinical system data was accessed, including names, addresses, email/phone numbers, and Social Security/insurance ID data. The company is not disclosing whether ransomware was used but … Read more

Cencora data breach exposes US patient info from 8 drug companies

May 24, 2024 at 11:48AM Cencora, a pharmaceutical services provider, suffered a data breach in February 2024 due to a cyberattack, compromising personal data of patients and medication information. This incident has affected major pharmaceutical companies in the US. Cencora has offered affected individuals two years of free identity protection and credit monitoring services. The … Read more