Tagged With "PHI"
Topic
Cybersecurity Notes
Cybersecurity Denton County of Texas notified 1,286,106 patients that their PHI may have been exposed after it was inadvertently exposed online from a COVID-19 database. The FBI published a warning to businesses in the U.S. of an expected increase in ransomware attacks during upcoming holiday season. Beaumont Health of Michigan notified 1,500 patients that their PHI was exposed after cyber security incident. Tech Republic magazine reports that “Cybercriminals are holding schools ransom for...
Topic
Cybersecurity Notes
Central Texas Medical Specialists, aka Austin Cancer Centers, notified an unknown number of patients that their PHI was exposed after ransomware attack. The Alaska Department of Health & Social Services notified an unknown number of patients that their PHI was exposed after ransomware attack. Simon Eye, headquartered in Wilmington, Delaware, notified an unknown number of patients that their PHI was exposed after email phishing attack. The City of Mount Vernon in New York notified an...
Topic
Cybersecurity Notes
The VA Medical Center in Atlanta, Georgia notified an unknown number of patients that their PHI was apparently sitting on 10 pallets in the basement, have finally been scanned into the EHR. Robert Lizaragga of Oregon pleaded guilty illegally using the identity of a child who died 30 years ago, after stealing the PHI. The Port of Houston, TX announced it had successfully defended itself from a ransomware attack, which could have disrupted their operations. UC San Diego Health of California...
Topic
Cybersecurity Notes
Deloitte published results of survey: 98% of C-suite executives have come across at least one cybersecurity event during last year 86% have noticed uptick in attacks 14% have no incident response plan 40% of healthcare organizations have not yet implemented an incident response plan 27% are most worried about actions of “well-meaning” employees who inadvertently allow hackers in 41% have implemented solutions to monitor staff use of network The federal Dept. of Health & Human Services...
Topic
Healthcare struggles to get rid of fax
Healthcare struggles to get rid of fax Research published by Council for Affordable Quality Healthcare Only 21% of the 182 million “prior authorization (PA) contracts” were fully electronic in 2020 (A prior authorization or pre-authorization, is a requirement from patient’s health insurance company that their doctor obtain an approval from their plan before it will cover the costs of a specific medicine, medical device or procedure) Physicians burn 16 hours per week on prior authorization...
Topic
Cybersecurity Notes
Cybersecurity Updates Positive Technologies published research that 93% of penetration tested computer networks are vulnerable to some type of security breach. 71% of the cases, an attacker could affect businesses in a way deemed “unacceptable” Fort Smith Health Centre of Fort Smith, Canada notified an unknown number of patients that their PHI was exposed after paper medical records were discovered spread across the floor in a staff washroom. SonicWall notified an unknown number of customers...
Topic
Cybersecurity Notes
Cybersecurity Updates Kyoto University of Japan lost 77 terabytes of critical research data after a flawed update was sent out by Hewlett Packard Enterprise. 67% of respondents to survey claim that they have experienced at least one ransomware attack in last 12 months Morgan Stanley Corp. agreed to pay $60 million to settle lawsuit regarding breach that happened in 2016. CyberEdge Group publishes survey on what CIOs plan to buy in 2022 for endpoint security: o 22.2% = antimalware o 30.4% =...
Topic
Cybersecurity Notes
Cybersecurity Updates Anne Arundel Medical Center/Luminis Health of Maryland notified an unknown number of patients that their PHI was exposed after email phishing attack. South Georgia Medical Center of Valdosta, Georgia announced that a former employee was arrested for stealing PHI that affected an unknown number of patients. The International Committee of the Red Cross, headquartered in Switzerland, notified an unknown number of donors that their PHI was exposed after ransomware attack.
Topic
Cybersecurity Notes
Cybersecurity Spokane Health District of Washington notified an unknown number of patients that their PHI was exposed after email phishing attack. Welfare, Pension, and Annuity Funds of Local No. ONE I.A.T.S.E. of New York notified 20,579 patients that their PHI was exposed after email phishing attack. Loyola University Medical Center of Illinois notified 16,934 patients that their PHI was exposed after email phishing attack. Signature Healthcare Brockton Hospital of Massachusetts notified...
Topic
Cybersecurity Notes
The San Francisco 49ers NFL football team notified an unknown number of customers that their info may have been exposed after ransomware attack. Suncoast Skin Solutions of Florida notified 57,730 patients that their PHI was exposed after ransomwar attack. South City Hospital of St. Louis, Missouri, notified 21,601 patients that their PHI was exposed after server was stolen Colorado Department of Human Services notified 6,132 patients that their PHI after cyberattack. Sound Generations of...
Topic
Cybersecurity
The U.S. federal government is warning organizations that cyberattacks will increase due to the war in Ukraine. Fed gov warns healthcare industry that hackers are using the “Log4j” vulnerability in devices (including some printers and MFPs) to infiltrate networks. The federal Office for Civil Rights (aka HIPAA police) reported that it is aware of 2,304,607 patients that had their PHI exposed in 1/2022 due to breaches. 58% of organizations that have been hit with ransomware have paid the...
Topic
Cybersecurity Notes
Denso Car Parts manufacturing notified an unknown number of customers that their info was exposed after ransomware attack. Protenus Security published results of US healthcare vertical breach data collected in 2021: 50,406,838 patients had their PHI exposed due to a breach, up 24% 75% of breaches caused by external hackers 13% caused by insiders Breaches were undiscovered for an average of 132 days 5% of all breaches involved paper medical records (print, copy, fax Verizon published...
Topic
Cybersecurity Notes
St. Joseph’s Healthcare Hamilton of Canada announced it has fired an employee for illegally accessing the PHI of at least 4 dozen patients. Val Verde Regional Medical Center of Del Rio, TX notified 96,000 patients that their PHI was exposed after ransomware attack. Spokane Regional Health District of Washington notified 1,260 patients that their PHI was exposed after second email phishing attack in past 3 month. Cancer and Hematology Centers of Western Michigan notified an unknown number of...
Topic
Cybersecurity Notes
Viasat Corp. notified tens of thousands of customers of its consumer broadband modems that devices may have been compromised by recent Russain AcidRain malware attack. Bradley International Airport of Connecticut notified an unknown number of customers that their info may have been exposed after cyber attack. Smartmatic Inc., one of the providers of voting machines in the U.S., admitted that it suffered a data leak, and terminated an employee involved. German police claim they have shut down...
Topic
Cybersecurity Notes
The federal government published warning for healthcare industry of 3 hacking groups that are attacking healthcare organizations of all sizes: Hive Lapus$ Conti Adaptive Health Integrations of Williston, North Dakota notified 510,600 patients that their PHI was exposed after a hacking incident. Urgent Team Holdings, headquartered in Nashville, TN notified 166,600 patients that their PHI was exposed after cyber security attack. Kiteworks published results of survey: 65% admit that they share...
Topic
CloudWave and Tausight Partner to Provide Cloud-Based Managed Service for Industry's ...
BOSTON AND MARLBOROUGH, Mass. — New Security-as-a-Service offering mitigates information sharing risk with unprecedented level of PHI detection with the convenience and security of the OpSus Healthcare Cloud Tausight , the PHI detection company for healthcare, and CloudWave , the largest independent provider of EHR hosting and managed healthcare cloud services, today announced a strategic partnership to provide healthcare organizations with a cloud-based managed service for detecting,...
Topic
Cybersecurity Update
New Creation Counseling Center of Tipp City, Ohio notified 24,029 patients that their PHI was exposed after ransomware attack. American Dental Association, headquartered in Chicago, IL, notified 161,000 dentists that their patient’s PHI may have been exposed as a result of Black Basta ransomware attack. The Acacia Network of New York notified an unknown number of patients that their PHI was exposed after an email phishing attack. This includes; Bronx Accountable Healthcare Network, Bronx...
Topic
Cybersecurity Notes
Facebook agreed to pay more than a million Americans at least $345 for collecting data without their consent, as part of a $650 million settlement regarding illegally sharing user data. The County of Somerset in New Jersey notified an unknown number of citizens that their info was exposed after ransomware attack. Boston Children’s Hospital in Massachusetts was attacked by Iranian hackers, according to report from the FBI. Daniel Bruck LaCour, owner of LaCour Printing Solutions of Dothan,...
Topic
Cybersecurity Notes
American Hospital Association is reporting that 33 hospitals have provided PHI on 26 million patients to Facebook, via a tracking tool. MCG Health Software, headquartered in Seattle, WA, notified an unknown number of patients that their PHI was exposed after cyber attack. CHI Health of Omaha, Nebraska notified an unknown number of patients that their PHI was exposed after cyber attack. Avera McKennan Hospital of South Dakota notified 900 patients that their PHI was exposed after cyber...
Topic
Cybersecurity Notes
Carnival Cruise Lines paid $1.25 million to settle a lawsuit alleging negligence after a huge breach. Khuzestan Steel of Iran was forced to shut down after a cyberattack, accusing Israel and USA of being behind the attacks. Fitzgibbon Hospital of Missouri notified an unknown number of patients that their PHI was exposed after ransomware attack. Express Scripts, headquartered in Missouri notified an unknown number of patients that their PHI was exposed after cyber attack. Comstar Ambulance...
Topic
Cybersecurity Notes
657 healthcare facilities across the USA were notified by their accounts receivable management vendor, Professional Finance Company of Greeley, CO, that a ransomware attack resulted in exposure of PHI for an unknown number of patients around the country ATC Healthcare of Lake Success, NY notified an unknown number of patients that their PHI was exposed after email phishing attack. Community of Hope in Washington D.C. notified an unknown number of patients that their PHI was exposed after...
Topic
Cybersecurity Notes
Leading hacking group is Conti of Russia Started in 2020 and is successor of Ryuk aka Wizard Spider group Most popular target is manufacturing vertical 40% of Conti ransomware victims are businesses in the $10 million to $50 million revenue range Hackers looking for businesses who can afford to pay a substantial ransom but do not yet a mature security practice Need for strong protections against hackers moving laterally Repertoire magazine reports on healthcare cybersecurity 83% of...
Topic
Cybersecurity Notes
Practice Resources, headquartered in Syracuse, NY, notified 942,138 patients that their PHI was exposed after a ransomware attack. Brookwood Baptist Medical Center of Birmingham, Alabama notified an unknown number of patients that their PHI was exposed after email phishing attack. McKinney Methodist Hospital of McKinney, Texas, notified an unknown number of patients that their PHI was stolen after a ransomware attack conducted by the Karakurt hacking group in Russia. Zenith American...
Topic
Cybersecurity Notes
The North Dakota Workforce Safety & Insurance agency notified an unknown number of members that their PHI was exposed after cyber attack. Fremont County Government of California notified an unknown number of citizens that their info was exposed after a cyber attack. The California Department of Corrections and Rehabilitation (CDCR) notified an unknown numbernof prisoners that their info was exposed after breach. Retailer Sephora has been fined $1.2 million as part of a settlement...
Topic
Cybersecurity Notes
The IRS admitted that it inadvertently published the financial info of 120,000 taxpayers’ info on a publicly accessible website. Ponemon Research published new report on cybersecurity issues in healthcare 89% of organization surveyed had been hit by at least one cyberattack in last 12 months $4.4 million is average total cost for a breach in past 12 months $1.1 million is average cost of lost productivity due to EHR downtime as result of breach $1 million is average cost of disruption to...
Topic
Cybersecurity Notes
cybersecurity breaches in the news The Office for Civil Rights in the Department of Health & Human Services (aka HIPAA police) sent out press release stating that they have now documented 5,000 major data breaches of PHI since 2009, when it first started tracking breaches 369 million people have had their PHI exposed 25% of all ransomware attacks are aimed at healthcare vertical, making it top target 91% are concerned about ransomware attacks – SonicWall survey Regions Hospital of Saint...
Topic
Cybersecurity Notes
The Biden White House has scheduled the second International Counter Ransomware Summit Includes representatives from 36 countries Also included private sector security solution firms Goal is to develop best practices to fend off ransomware attacks. KELA Cyber Intelligence published report that shows hackers are selling access to 576 corporate networks for cumulative sales price of $4 million Other hackers will buy to gain access to steal info and/or install ransomware Average selling price...
Topic
Cybersecurity Notes
cybersecurity The federal government sent out a warning to the US healthcare industry that hacking group in the country of Iran are ramping up their attacks. Groups include: Pioneer Kitten UNC3890 Magic Kitten Also is warning of increased attacks from the Karakut hacking gang in Russia Aveanna Healthcare, headquartered in Atlanta, Georgia, agreed to pay $425,000 to the State of Massachusetts after a breach exposed PHI of 166,000 patients across 33 states. The State of Mississippi government...
Topic
Cybersecurity Notes
One Brooklyn Health, headquartered in Brooklyn, New York, may be notifying a large number of patients that their PHI may have been exposed after cyber incident. Community Health Network, headquartered in Indianapolis, IN notified an unknown number of patients that their PHI was exposed after it was inadvertently shared with Facebook and Google. Yakima Neighborhood Health Services of Washington state, notified 2,689 patients that their PHI was exposed after cyber security incident. University...
Topic
Cybersecurity Notes
40 million patients have had their PHI exposed due to breaches so far this year, according to USA Today newspaper. WhatsApp is denying reports that a breach exposed the data of 6.1 million users Crown Point Community Schools of Indiana notified an unknown number of students that their info was exposed after cyber attack. Kenosha Unified School District of Wisconsin notified an unknown number of students that their info was exposed after cyber attack. Connexin Software, aka Office Practicum,...
Topic
Cybersecurity Notes
cybersecurity news Scripps Health, headquartered in San Diego, CA, agreed to pay $3.5 million to settle lawsuit alleging negligence regarding a ransomware attack in 2021 that exposed the PHI of over 1 million patients. The federal Office for Civil Rights (aka HIPAA police) is reminding healthcare facilities the heavy penalty if they do not properly dispose of paper PHI. A small clinic in Massachusetts was recently fined $300,640 after PHI was found in garbage bin. St. Rose Hospital of...
Topic
Cybersecurity Notes
Volvo Automotive notified an unknown number of customers that their info may have been exposed after ransomware attack. CentraState Medical Center of Freehold Township, New Jersey, notified an unknown number of patients that their PHI may have been exposed after recent cybersecurity event. Allure Esthetic Plastic Surgery of Seattle, WA is being used by State of Washington for allegedly for falsely inflating online ratings, bribing, and threatening patients Lake Charles Memorial Health System...
Topic
Cybersecurity Notes
The FBI announced that a hacker in Switzerland, accessed the FAA’s “no-fly” list, which lists 1.5 million people The American Hospital Association is warning hospital of the threat of Daixin ransomware gang. The group steals PHI and installs ransomware for profit The Health Sector Cybersecurity Coordination Center published warning regarding hackers now using artificial intelligence to aid in creating more dangerous malware to hack into healthcare facility networks. St. Margaret’s Health of...
Topic
Cybersecurity Notes
Cybercrime will grow from $3 trillion in 2015 to $10.5 trillion in 2025 – Work Economic Forum 2023 Stratford University of Virginia notified 78,692 students that their info was exposed after cyber attack. Zacks Investment Research notified 820,000 customers that their info was exposed after ransomware attack. Lutheran Social Services of Illinois notified 184,183 patients that their PHI was exposed after ransomware attack. Indianapolis Housing Authority notified 25,000 residents that their...
Topic
Cybersecurity Notes
LCMC Health of New Orleans, LA notified an unknown number of patients that their PHI may have been exposed after the data apparently was shared with Facebook. Willis-Knighton Health of Shreveport, LA notified an unknown number of patients that their PHI may have been exposed after the data apparently was shared with Facebook. Community Health Systems (CHS), headquartered in Nashville, TN, notified 1 million patients that their PHI was exposed after cyber attack. CommonSpirit Health,...
Topic
Cybersecurity Notes
cybersecurity notes Rehoboth McKinley Christian Health of New Mexico announced it paid a large settlement to end a lawsuit against the facility claiming negligence regarding a breach caused by ransomware attack. Lehigh Valley Health Network of Pennsylvania notified an unknown number of patients that their PHI may have been exposed after a ransomware attack from BlackCat hacking gang in Russia. Regional One Health of Memphis, TN notified an unknown number of patients their PHI may have been...
Topic
Cybersecurity Notes
The White House stated it is giving U.S. federal agencies 30 days to delete TikTok app from all government issued mobile devices, due to fears that the Chinese government could use the Chinese app to steal data. Russell County Hospital of Kentucky stated that it will spend $2.5 million to implement solution to protect itself from future ransomware attacks. The federal government published warning to the healthcare industry about new attacks from the MedusaLocker ransomware hackers. DNA...
Topic
Cybersecurity Notes
Aloha Nursing Rehab Centre of Hawaii notified 20,216 patients that their PHI was exposed after cyber attack. Dental Health Management Solutions of Texas notified 3,205 patients that their PHI was exposed after cyber attack. The feds are warning of attacks from the Lazarus hacking group in North Korea, with recent attacks on the financial vertical. The FBI is investigating a breach of a federal healthcare database that exposed the PHI of an unknown number of Washington DC citizens, as well...
Topic
Cybersecurity Notes
The Pentagon announced that an IT worker and Air National Guard airman was allegedly responsible for leaking top secret documents regarding the war in Ukraine. NBC News reported that a printed document was found on the street in Belfast, Ireland detailing the itinerary of President Biden’s visit to the country. IBM reports that time to execute ransomware has dropped 94% over last few years Bitdefender published report that says 42% of IT professionals have been told by their upper management...
Topic
Cybersecurity Notes
The San Bernardino County Sheriff’s Department of California notified an unknown number of citizens and employees that their info may have been exposed after cyberattack. The Jackson Public School District and Hillsdale Public School District of Michigan notified an unknown number of students that their info was exposed after ransomware attack. The Elk Grove Public School District of California notified an unknown number of students that their info was exposed after cyber attack. McLaren...
Topic
Cybersecurity Notes
Blackberry Research report: 12 malware attacks per minute U.S. is most targeted of all countries 60% of all attacks are finance/healthcare/grocery industries Top malware attack on healthcare from: Emotet, RedLine, BlackCat, Royal, Cobalt Strike and Mallox Critical Insight research published: PHI stolen up 35% 28 million patients impacted in last 6 months of 2022 Northwell Health of New York field a lawsuit against a former employee for illegally posting information on deceased patients.
Topic
Cybersecurity Notes
The Chinese Communist Party (CCP) unleashed the Volt Typhoon cyberespionage malware attack on US government infrastructure on the island of Guam. “Microsoft assess with moderate confidence that this CCP campaign is pursuing development of capabilities that could disrupt critical communications between US and Asia region during future crises” Cadwallader Wickersham and Taft Law Firm of New York City, NY notified 93,000 clients that their info may have been exposed after cyber attack. Apria...
Topic
Cybersecurity Notes
Albany ENT & Allergy Services of New York has notified 224,486 patients that their PHI may have been exposed after ransomware attack. Cleveland Clinic notified an unknown number of patients that their PHI was exposed after one of its medical billing vendors, MedInform of Ohio, was hit by ransomware. Idaho Falls Community Hospital notified an unknown number of patients that their PHI was exposed after ransomware attack. Mountain View Hospital of Idaho notified an unknown number of...
Topic
Cybersecurity Notes
The US Department of Agriculture notified an unknown number of employees that their info was exposed during recent MOVEit ransomware attack. The Oregon Department of Transportation notified 3.5 million people that their info was exposed during recent MOVEit ransomware attack. The Louisiana Department of Transportation notified an unknown number of employees that their info was exposed during recent MOVEit ransomware attack. The Office of the Director of National Intelligence (ODNI) released...
Topic
Cybersecurity Notes
American Airlines and Southwest Airlines have both notified thousands of their pilots that their personal info was exposed after cyber attack on vendor, Pilot Credentials Microsoft published warning about hackers aiming their efforts at devices running Linux systems that have Internet access IntelliHARTx, a hospital billing company, is being sued for alleged negligence regarding a breach that exposed PHI of an unknown number of patients from: AtlantiCare Regional Medical Center of New Jersey...
Topic
Cybersecurity Notes
Gates Corporation, headquartered in Denver, CO, a fluid power transmission manufacturer, notified 11,090 people that their info was stolen after a ransomware attack. The Town of Jackson, Ohio, notified an unknown number of citizens that their info may have been exposed after a cyber attack. Microsoft published warning that Russian hackers are actively exploiting security vulnerabilities in Windows and Office software Possible remote code execution to launch ransomware Politico magazine is...
Topic
Cybersecurity Notes
Tampa General Hospital of Florida notified 1.2 million patients that their PHI may have been exposed after ransomware attack. Public Health Management Corporation, headquartered in Philadelphia, PA notified an unknown number of patients that their PHI was exposed after cyber attack. Phoenician Medical Centers of Arizona notified 162,500 patients that their PHI was exposed after cyber attack. Henry Ford Health of Detroit, MI, notified 168,000 patients that their PHI was exposed after email...
Topic
Cybersecurity Notes
1st Source Bank, headquartered in South Bend, Indiana, notified 20 million customers that their account info may have been exposed after ransomware attack from Clop hackers from Russia American Airlines, headquartered in Dallas, TX, notified an unknown number of flyers that their info may have been exposed after ransomware attack. Franklin Mint Federal Credit Union of Pennsylvania notified 141,000 customers that their info may have been exposed after ransomware attack. Athene Annuity and...
Topic
Cybersecurity Notes
McAlester Regional Health Center of Oklahoma notified an unknown number of patients that their PHI was stolen any may now be for sale on Dark Web after being hit by the Karakurt ransomware hacking gang of Russia. Yakima Valley Memorial Hospital of Washington announced it will pay $240,000 to settle a lawsuit alleging negligence regarding an incident when 23 security guards were caught snooping through patient medical records. Chattanooga Heart Institute of Tennessee notified 170,450 patients...
Topic
Cybersecurity Notes
The IRS has lost track of millions of sensitive taxpayer records after a watchdog group found empty boxes at an IRS document storage facility in Ogden, Utah that were supposed to contain 168 microfilm cartridges with images of millions of records. Prospect Medical Holdings, headquartered in Los Angeles, CA, updated the list of healthcare facilities that were affected by cyber attack: Bellflower Behavioral Health of CA Foothill Regional Medical Center of CA Los Angeles Community Hospital of...