Cybersecurity

Washington hospital offers class-action settlement over ransomware attack

Laura Dyrda - Thursday, July 2nd, 2020
Aberdeen, Wash.-based Grays Harbor County Hospital is offering to settle a class-action lawsuit related to a 2019 cyberattack that exposed patients' protected health information.
Magellan Health ransomware attack exposed info of more than 364,000 people

Jackie Drees - Thursday, July 2nd, 2020
Magellan Health and several of its entities have reported email hacking incidents affecting 364,892 individuals' health information due to an April ransomware attack on the Phoenix-based managed care company.
HHS may consider changes to HIPAA

Laura Dyrda - Wednesday, July 1st, 2020
HHS may consider proposing modifications to HIPAA rules to allow for more coordinated care in a value-based healthcare context.

How hackers negotiated with UCSF for $1M+ ransom: 5 things to know

Jackie Drees - Wednesday, July 1st, 2020
Ransomware gang Netwalker attacked the University of California San Francisco medical school's computer systems June 1, initially demanding a $3 million ransom, according to BBC News.
Clinic employee takes phishing bait, may have exposed 19,000 patients' info: 4 details

Laura Dyrda - Tuesday, June 30th, 2020
An employee of a Houston area health clinic responded to a phishing email that allowed unauthorized access to thousands of patients' information in the email account, the health system running the clinic said.
UnityPoint Health to pay $2.8M+ settlement over phishing attacks: 6 details

Laura Dyrda - Monday, June 29th, 2020
West Des Moines, Iowa-based UnityPoint Health agreed to settle a proposed class action lawsuit related to two cybersecurity issues that compromised patient information, according to Law360.
10 health system malware, ransomware and phishing incidents this month

Katie Adams - Monday, June 29th, 2020
Here are the health system malware, ransomware and phishing incidents Becker's Hospital Review reported during June.

UF Health business associate email hack exposes info of health plan members

Laura Dyrda - Monday, June 29th, 2020
University of Florida, UF Health Shands in Gainesville and UF Health Jacksonville all reported email hacking incidents associated with an attack on a business associated that affected thousands of individuals.
Iowa MSO employee accidentally sends 11,581 patients' info to healthcare provider

Laura Dyrda - Monday, June 29th, 2020
Iowa Total Care, a health plan, reported a data breach that affected thousands of individuals.
UCSF pays $1M+ ransom to unlock medical school's computer systems

Jackie Drees - Monday, June 29th, 2020
University of California San Francisco confirmed that it paid $1.14 million to hackers after a June 1 ransomware attack on its medical school's computer servers.
Philips reports vulnerability in some ultrasound software: 4 details

Laura Dyrda - Friday, June 26th, 2020
Health tech company Philips issued a notification of a low-severity vulnerability for specific versions of its ultrasound software applications on June 24.

Zoom taps Salesforce exec as new CISO

Jackie Drees - Wednesday, June 24th, 2020
Jason Lee, who most recently served as senior vice president of security operations at Salesforce, will join Zoom as the company's new CISO, effective June 29.
American Medical Technologies data security incident exposes 47,767 individuals' info

Laura Dyrda - Wednesday, June 24th, 2020
Irvine, Calif.-based American Medical Technologies reported a data security incident that affected thousands of individuals' information.
Cano Health email hack exposes 28,268 patients' info

Laura Dyrda - Wednesday, June 24th, 2020
Miami, Fla.-based Cano Health, a population health management company that operates primary care medical centers, reported a data breach affecting thousands of individuals.
Missouri county COVID-19 dashboard accidentally posts personally identifiable info online

Laura Dyrda - Wednesday, June 24th, 2020
A Missouri county's COVID-19 dashboard may have inadvertently posted a spreadsheet that included personally identifiable information, according to local ABC affiliate KBMC News.
CHI St. Luke's hospital email hack exposes patient info: 4 details

Jackie Drees - Tuesday, June 23rd, 2020
CHI St. Luke's Health-Memorial Lufkin (Texas) on June 19 began notifying patients that an unauthorized third party gained access to patients' protected health information in April.
Kroger network server breach exposes nearly 11,000 patients' info

Laura Dyrda - Monday, June 22nd, 2020
The Kroger Co., based in Ohio, reported a hacking incident to HHS on June 18.
Care New England resolves cyberattack after nearly weeklong computer system outage

Jackie Drees - Monday, June 22nd, 2020
Providence, R.I.-based Care New England's internal computer systems are back up and running after a June 16 cyberattack caused nearly one week of system downtime, according to a June 22 Providence Journal report.
Ransomware group auctions Crozer-Keystone Health System data on darknet

Jackie Drees - Monday, June 22nd, 2020
Netwalker, a ransomware operator that threatens to publish data online if ransoms aren't paid, hacked Springfield, Pa.-based Crozer-Keystone Health System and is auctioning off its data online, according to Cointelegraph.
12 largest healthcare data breaches in 2020 so far

Laura Dyrda - Friday, June 19th, 2020
HHS has reported 12 data breaches this year where more than 100,000 patients' information was affected.