Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster

August 14, 2024 at 01:10PM Biotech company Enzo Biochem is required to pay a $4.5 million penalty to three state attorneys general after a 2023 ransomware attack compromised data for over 2.4 million individuals. The company’s poor cybersecurity practices allowed attackers to gain access, impacting New York, New Jersey, and Connecticut residents. Enzo is now … Read more

Inc Ransomware Encryptor Contains Keys to Victim Data Recovery

August 13, 2024 at 04:26PM The Inc ransomware group recently targeted McLaren Health Care, disrupting its IT and phone systems and triggering “downtime procedures.” McLaren initially didn’t confirm if patient or employee information was compromised, but a leaked ransom note indicated Inc’s data hostage. GuidePoint Security suggests using leaked data from Inc’s encryptor for successful … Read more

3AM ransomware stole data of 464,000 Kootenai Health patients

August 13, 2024 at 11:24AM Kootenai Health reported a data breach affecting 464,000 patients. Personal information was stolen and leaked due to a ransomware attack by the 3AM group. The meeting notes indicate that Kootenai Health has experienced a data breach affecting more than 464,000 patients. This breach occurred as a result of a ransomware … Read more

Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service

August 13, 2024 at 10:12AM Researchers discovered critical security flaws in Microsoft’s Azure Health Bot Service, allowing unauthorized access to patient data and system resources. Tenable reported finding vulnerabilities related to data connections and an endpoint supporting the Fast Healthcare Interoperability Resources data exchange format. Microsoft has since patched these issues, emphasizing the importance of … Read more

UK IT provider faces $7.7 million fine for 2022 ransomware breach

August 7, 2024 at 02:54PM The UK’s ICO has provisionally decided to fine Advanced Computer Software Group Ltd (Advanced) £6.09M for failing to protect the personal information of tens of thousands in a ransomware attack. The breach impacted 83,000 people and various healthcare products. The final decision is pending Advanced’s response, potentially totaling $7.74 million. … Read more

Personal, Health Information Stolen From Pharma Giant Cencora

August 1, 2024 at 05:48AM Pharma giant Cencora confirmed the theft of personal and health information in a February 2024 cyberattack. The incident was disclosed in a regulatory filing, revealing that additional data was compromised beyond the initial discovery. Cencora has completed its review of the stolen information and provided notifications to impacted individuals and … Read more

OneBlood’s virtual machines encrypted in ransomware attack

July 31, 2024 at 02:19PM OneBlood, a major U.S. blood center, faces an IT outage due to a ransomware attack. This affects blood collection and distribution, potentially impacting surgeries and treatments. Operations are reduced, encouraging urgent O Positive, O Negative, and Platelet donations. Similar to a UK incident, the attack prompts hospital blood shortage protocols … Read more

Ransomware Attack Hits OneBlood Blood Bank, Disrupts Medical Operations

July 31, 2024 at 01:51PM OneBlood, a non-profit blood bank, suffered a disruptive ransomware attack affecting its software system and operations. Although still operational, the organization is working at reduced capacity and implementing manual processes. It is collaborating with specialists and agencies to address the attack. The technical details of the ransomware remain undisclosed. This … Read more

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

July 26, 2024 at 05:00AM The U.S. Department of Justice indicted a North Korean operative for ransomware attacks on healthcare facilities to fund illicit activities. The U.S. Department of State offered up to $10 million for information. The operative is linked to a hacking crew deploying the Maui ransomware, targeting U.S. Air Force bases and … Read more

57,000 Patients Impacted by Michigan Medicine Data Breach

July 24, 2024 at 10:42AM Michigan Medicine, the University of Michigan’s academic medical center, is notifying 57,000 individuals about a data breach. Threat actors gained access to employee email accounts, potentially compromising personal and health information. Though no evidence of patient data theft was found, sensitive information like names, addresses, and medical record numbers may … Read more