Skip to Content

Health Sector Breaches

Health sector breaches recently reported to the US Department of Health and Human Services (HHS) include a network disruption affecting more than 250,000 patients at Bay Bridge Administrators, a network intrusion affecting more than 60,000 patients at Circles of Care Providers, and a data exposure affecting more than 35,000 patients at the Elizabeth Hospice. Note …

Read More about Health Sector Breaches

New Jersey Hospital Discloses Cyber Incident

CentraState Medical Center in New Jersey is operating under electronic health record (EHR) downtime following a cybersecurity incident that began last month. The medical center is also sending patients to other hospitals in the area due to the IT disruptions. Note Despite LockBit’s actions, hospitals and medical remain top targets for attackers. Even so, don’t …

Read More about New Jersey Hospital Discloses Cyber Incident

LockBit Ransomware Gang Gives Decryptor to Toronto Children’s Hospital

Updated on 2023-01-05: SickKids ransomware attack The LockBit ransomware gang has apologized for its attack on the Sick Kids Hospital chain and released a free decrypter to help the victim recover files without paying. Updated on 2023-01-02 LockBit apologized for the attack on SickKids, Canada, and released a free decryptor for the hospital. It claimed …

Read More about LockBit Ransomware Gang Gives Decryptor to Toronto Children’s Hospital

US Senator Calls for Improved Healthcare Sector Cybersecurity

US Senator Mark Warner (D-Virginia) wants the Department of Health and Human Services. And the Cybersecurity and Infrastructure Security Agency (CFISA) to improve their collaboration in their efforts to protect the health care sector from cyberattacks. Warner has published a policy options paper that addresses “various challenges and proposals aimed at changing the way that …

Read More about US Senator Calls for Improved Healthcare Sector Cybersecurity

Analytics Code May Have Leaked Personal Health Data

Updated on 2022-10-26 Advocate Aurora Health informed the federal government that it suffered a privacy breach involving unauthorized access or disclosure of patient details, blaming Google and Facebook web tracking technologies. Read more: Health Entity Says Tracking Code Breach Affects 3 Million Overview The Advocate Aurora Health (AAH) network, which operates in Wisconsin and Illinois, …

Read More about Analytics Code May Have Leaked Personal Health Data

Medibank Shut Down Systems Over the Weekend to Make Security Improvements

Updated on 2022-12-08: Medibank Shut Down Systems Over the Weekend to Make Security Improvements Over the weekend, Australian health insurance company Medibank took its IT systems offline, closed its branches, and brought in Microsoft’s response team to help them make security improvements. Medibank suffered a cyber security breach in October and is still reeling from …

Read More about Medibank Shut Down Systems Over the Weekend to Make Security Improvements

Former Doctor Pleads Guilty to HIPAA Violation

A former physician has pleaded guilty to violating the US Health Insurance Portability and Accountability Act (HIPAA). Frank Alario pleaded guilty “to conspiring to wrongfully disclose patients’ individually identifiable health information to pharmaceutical sales representative Keith Ritson in violation of the criminal provisions of the Health Insurance Portability and Accountability Act (HIPAA).” Ritson is scheduled …

Read More about Former Doctor Pleads Guilty to HIPAA Violation

NHS vendor Advanced won’t say if patient data was stolen during ransomware attack

Updated on 2022-10-17: Advanced incident Advanced, one of the biggest IT providers for the UK NHS, disclosed a security breach last week, admitting they had their IT network compromised following an infection with the LockBit 3.0 ransomware. “The threat actor initially accessed the Advanced network using legitimate third-party credentials to establish a remote desktop (RDP) …

Read More about NHS vendor Advanced won’t say if patient data was stolen during ransomware attack

CommonSpirit finally notifies of ransomware attack

Updated on 2022-12-08 Patients of at least seven Washington state hospitals affiliated with CommonSpirit have been impacted by the breach of the hospital chain in October, revealed investigation. Read more: CommonSpirit Health Provides Cyberattack Update and Notification of Data Breach Involving Virginia Mason Franciscan Health in Washington state Updated on 2022-12-04: CommonSpirit finally notifies of …

Read More about CommonSpirit finally notifies of ransomware attack

Health Sector Coordinating Council Cybersecurity Working Group Asks NIST for Guidance Specific to Small and Lesser-Resourced Entities

The Health Sector Coordinating Council Cybersecurity Working Group has asked the US National Institute of Standards and Technology (NIST) to provide guidance for small and lesser-sourced healthcare organizations. The request comes in response to NIST’s request for comment on SP 800-66r2 initial public draft; it asks NIST to “create an entirely separate document specifically for …

Read More about Health Sector Coordinating Council Cybersecurity Working Group Asks NIST for Guidance Specific to Small and Lesser-Resourced Entities

Medical Device Cybersecurity Mandate Dropped from FDA Authorization Bill

The US Food and Drug Administration (FDA) appropriations bill has passed, but cybersecurity provisions introduced in the House version were removed when the bill went to Senate. The bill gives the FDA the authority to collect fees from healthcare organizations for reviewing new drugs and medical devices. Note This is an unfortunate victory for the …

Read More about Medical Device Cybersecurity Mandate Dropped from FDA Authorization Bill

Physician’s Business Office data breach

Updated on 2022-09-28: Healthcare services organization spills data West Virginia-based Physician’s Business Office notified 196,573 individuals about a breach that exposed their personal data and Protected Health Information (PHI). Hackers could have accessed patient names, SSNs, driver’s licenses, treatments, diagnoses, contact details, disability codes, prescription information, and health insurance account details. Overview West Virginia-based Physician’s …

Read More about Physician’s Business Office data breach
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.