Governance, HIPAA and Ransomware - Health Care Compliance Brief

OctaPharma Plasma Closes Donation Centers While It Deals with Suspected Ransomware Attack

HIPAA Journal

APRIL 22, 2024

At this stage, Octapharma has yet to provide any further details about the attack, such as whether ransomware was used to encrypt files, and said further information will be released as the investigation progresses. BlackSuit is a relatively new ransomware operation that was discovered in May 2023.

Ransomware

Ransomware Public Health HIPAA Governance

Healthcare Ransomware Attacks Involve 20% of Stored Sensitive Data

HIPAA Journal

MAY 2, 2024

Ransomware groups target the healthcare sector because a successful attack gives them access to large amounts of sensitive data that can be easily monetized and used as leverage to get a ransom paid. According to Recorded Future, there were 358 ransomware attacks on healthcare organizations in 2023, a year-on-year increase of 46%.

Ransomware

Ransomware HIPAA Governance

AHA, H-ISAC warn hospitals about Black Basta following Ascension cyberattack

Healthcare It News

MAY 13, 2024

The Health Information Sharing and Analysis Center issued a threat alert Friday about the Russia-backed ransomware group Black Basta, warning of its accelerated attempted attacks against the healthcare sector. "It is recommended that this alert be reviewed with high urgency and the recommended technical mitigations be put in place.

Hospitals

Hospitals Ransomware Governance HIPAA

Reactions to the Ascension Healthcare Ransomware Attack and Suggestions for Healthcare Organizations

Healthcare IT Today

MAY 16, 2024

While it’s amazing to consider two breaches and ransomware incidents the size of Change Healthcare and Ascension could happen so closely together, it’s very clear that healthcare is a target and we need to massively increase our investment in security to show we’ve learned from these experiences.

Ransomware

Ransomware US Department of Health and Human Services Hospitals Compliance

Government Issues Warning to Healthcare Organizations About Daixin Team Extortion and Ransomware Attacks

HIPAA Journal

OCTOBER 24, 2022

A relatively new data extortion and ransomware gang known as Daixin team is actively targeting U.S. Daixin Team first appeared on the radar in June 2022, with the group predominantly conducting data extortion and ransomware attacks on organizations in the health and public health sector (HPH).

Ransomware

Ransomware Governance HIPAA Public Health

290 Hospitals Potentially Affected by Ransomware Attacks in 2022

HIPAA Journal

JANUARY 3, 2023

Ransomware attacks continue to be conducted on healthcare organizations in high numbers but determining the extent to which healthcare organizations are being targeted by ransomware gangs is a challenge. The decision whether or not to encrypt appears to be taken on an attack-by-attack basis.

Ransomware

Ransomware Hospitals HIPAA Governance

Healthcare Sector Warned About Cuba Ransomware Attacks

HIPAA Journal

DECEMBER 5, 2022

The Cuba ransomware group has increased attacks in the United States, with attacks doubling since December 2021, and ransom payments are also on the rise. According to CISA and the FBI, there are similarities between the infrastructure used by the Cuba ransomware operation and the RomCom RAT and Industrial Spy ransomware actors.

Ransomware

Ransomware Public Health HIPAA Governance

HC3 Sounds Alarm About Rhysida Ransomware Group

HIPAA Journal

AUGUST 7, 2023

The HHS’ Health Sector Cybersecurity Coordination Center (HC3) has issued a security alert about a new ransomware group – Rhysida – which is conducting high-impact attacks across multiple industry sectors. The Cobalt Strike attack framework is deployed on compromised systems and used to deliver the ransomware payload.

Ransomware

Ransomware Public Health HIPAA Governance

UnitedHealth Group Confirms Data Stolen in Change Healthcare Ransomware Attack

HIPAA Journal

MARCH 29, 2024

It has been more than 5 weeks since Change Healthcare suffered a Blackcat ransomware attack. Department of State Offers $10 Million Reward for Information on ALPHV/Blackcat Ransomware Group The U.S. The AHA expressed concern about Fontes Rainer’s statement and is seeking clarification on which entities need to issue notifications.

Ransomware

Ransomware US Department of Health and Human Services HIPAA Hospitals

CISA Launches Ransomware Vulnerability Warning Pilot Program

HIPAA Journal

MARCH 15, 2023

Cybersecurity and Infrastructure Agency (CISA) has launched a new pilot program in response to the increase in ransomware attacks on critical infrastructure entities. The program is focused on identifying vulnerabilities in Internet-facing systems that are known to have been exploited by ransomware gangs in previous attacks.

Ransomware

Ransomware Governance HIPAA Hospitals

Medusa Ransomware Group Leaks Data Stolen from American Renal Associates

HIPAA Journal

APRIL 8, 2024

The Medusa ransomware group has leaked data stolen from American Renal Associates. American Renal Associates American Renal Associates (ARA), one of the largest providers of dialysis services in the United States and a provider of care for patients suffering from end-stage renal disease has experienced a Medusa ransomware attack.

Ransomware

Ransomware Health Insurance Licensing HIPAA

Strengthening Cybersecurity Preparedness for Small Organizations: Lessons from the Change Healthcare Ransomware Attack

HIT Consultant

MARCH 25, 2024

UnitedHealth Group’s technology unit, Change Healthcare, is currently facing an ongoing ransomware attack which has reverberated through healthcare systems and affected prescription deliveries. Phishing attacks, a common vector for ransomware infections, often exploit human vulnerabilities through deceptive emails and other communications.

Ransomware

Ransomware US Department of Health and Human Services Regulatory Compliance Compliance

Ransomware Attacks Drop by 23% Globally but Increase by 328% in Healthcare

HIPAA Journal

JULY 29, 2022

million global sensors in 215 countries and shows a global fall in ransomware attacks, with notable increases in malware attacks for the first time in 3 years. Ransomware. SonicWall reports a 23% fall in ransomware attacks globally in H1 2022, which fell to 236.1 The data for the report was collected from more than 1.1

Ransomware

Ransomware Governance HIPAA

657 Healthcare Providers Affected by Ransomware Attack on Professional Finance Company

HIPAA Journal

JULY 4, 2022

According to the PFC website, the company is one of the nation’s leading debt recovery agencies, and its client list includes many healthcare providers, retailers, financial organizations, and government agencies. PFC said it is providing complimentary credit monitoring and identity theft protection services to affected individuals.

Ransomware

Ransomware HIPAA Health Insurance Governance

HIPAA Enforcement is Changing. Providers Must Too.

HIT Consultant

DECEMBER 20, 2023

Cam Roberson, VP at Beachhead Solutions Healthcare delivery organizations and those working with them that are still in business are either well aware of their duties under HIPAA, work with managed service providers that understand the law well, or…are lucky to have made it this far. The recent bill H.R.7898

HIPAA

HIPAA Ransomware Governance

HC3 Shares Black Basta Ransomware Threat Intelligence Data

HIPAA Journal

MARCH 16, 2023

The Health Sector Cybersecurity Coordination Center (HC3) has shared threat intelligence information about the Black Basta ransomware group to help network defenders prevent and rapidly detect attacks in progress. The Black Basta group was first identified in April 2022 and is known to conduct ransomware and extortion attacks.

Ransomware

Ransomware HIPAA Governance

Warning Issued About North Korean Ransomware Attacks on Healthcare Organizations

HIPAA Journal

FEBRUARY 10, 2023

Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Department of Health and Human Services (HHS), and the Republic of Korea’s Defense Security Agency and National Intelligence Service warning of state-sponsored North Korean (DPRK) ransomware attacks on U.S.

Ransomware

Ransomware US Department of Health and Human Services HIPAA Hospitals

CISA, FBI, NSA Warn of Increased Threat of Ransomware Attacks on Critical Infrastructure

HIPAA Journal

FEBRUARY 14, 2022

A joint security advisory has been issued by cybersecurity agencies in the United States, United Kingdom, and Australia, warning about the increased globalized threat of ransomware attacks and the elevated risk of targeted attacks on critical infrastructure entities. 2021 Ransomware Attack Trends. 2021 Ransomware Attack Trends.

Ransomware

Ransomware Governance HIPAA Public Health

Comprehensive LockBit Ransomware Cybersecurity Advisory Issued by CISA & Partners

HIPAA Journal

JUNE 15, 2023

This joint advisory on LockBit is another example of effective collaboration with our partners to provide timely and actionable resources to help all organizations understand and defend against this ransomware activity,” said CISA Executive Assistant Director for Cybersecurity, Eric Goldstein. “As

Ransomware

Ransomware HIPAA Governance

Up to 11 Million Health Records Compromised in Cyberattack on Government Contractor

HIPAA Journal

JULY 31, 2023

a government services contracting company, has announced in a Securities and Exchange Commission (SEC) filing that hackers exploited a zero-day vulnerability in Progress Software’s MOVEit Transfer solution in May 2023 and accessed the protected health information (PHI) of between 8 and 11 million individuals. Reston, VA-based Maximus Inc.,

Governance

Governance Medicare Medicare Ransomware

Russian National Indicted for Scripps Health Ransomware Attack; 11 TrickBot/Conti Actors Sanctioned

HIPAA Journal

SEPTEMBER 13, 2023

The indictments of multiple members of the TrickBot/Conti Ransomware groups have recently been unsealed and 11 members of these cybercriminal operations have been sanctioned by the United States and the United Kingdom. government and other U.S. Galochkin was also one of 11 individuals recently sanctioned by the U.S.

Ransomware

Ransomware Governance HIPAA Hospitals

FBI: At Least 148 Healthcare Organizations Suffered Ransomware Attacks in 2021

HIPAA Journal

MARCH 24, 2022

The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has released its 2021 Internet Crime Report , which reveals there were at least 649 ransomware attacks on critical infrastructure organizations from June 2021 to December 2021. Losses to ransomware are difficult to determine.

Ransomware

Ransomware Public Health Fraud HIPAA

Netwalker Ransomware Affiliate Sentenced to 20 Years in Jail

HIPAA Journal

OCTOBER 6, 2022

An affiliate of the infamous Netwalker ransomware gang has been sentenced to serve 20 years in jail for his role in ransomware attacks on entities in the United States. A law enforcement investigation into the ransomware attacks conducted by Vachon-Desjardins on U.S. years in jail for a separate drug trafficking case.

Ransomware

Ransomware Fraud COVID-19 HIPAA

Oakbend Medical Center Suffers Ransomware Attack

HIPAA Journal

SEPTEMBER 13, 2022

Over the Labor Day weekend, Oakbend Medical Center in Richmond, TX, suffered a ransomware attack. The post Oakbend Medical Center Suffers Ransomware Attack appeared first on HIPAA Journal. The attack started on Thursday, September 1, 2022, and saw files on its network encrypted.

Ransomware

Ransomware HIPAA Doctors Governance

Alvaria Confirms November 2022 Hive Ransomware Attack

HIPAA Journal

JUNE 8, 2023

a provider of call center and customer experience software technology to large enterprises, has recently confirmed that it fell victim to a ransomware attack on a limited portion of its network. The post Alvaria Confirms November 2022 Hive Ransomware Attack appeared first on HIPAA Journal. (formerly Aspect Software, Inc.),

Ransomware

Ransomware Fraud HIPAA Health Insurance

What Healthcare Leaders Need to Do Now About Ransomware

HIT Consultant

MARCH 20, 2022

If ransomware is not a topic of conversation around any healthcare organization’s boardroom table, directors and senior executives may be exposing the organization (and themselves) to considerable risk. Here’s a guide to ransomware trends for 2022 and steps healthcare leaders can take to help protect their organizations.

Ransomware

Ransomware HIPAA Governance Hospitals

Lehigh Valley Health Network and MKS Instruments Recovering from Ransomware Attacks

HIPAA Journal

FEBRUARY 21, 2023

Lehigh Valley Health Network (LVHN) in Pennsylvania has confirmed that it is dealing with a ransomware attack that was detected on February 6, 2023. An announcement was made on Monday confirming the Russian-speaking ransomware gang, BlackCat, was behind the attack and demanded a ransom, but no payment was made.

Ransomware

Ransomware HIPAA Health Insurance Governance

United Health Centers of San Joaquin Valley Notifies Patients About August 2021 Ransomware Attack

HIPAA Journal

AUGUST 16, 2022

In August 2021, the Vice Society ransomware operation published data on its data leak site that had allegedly been obtained in a ransomware attack on United Health Centers of San Joaquin Valley. HIPAA Journal reported on the incident in September 2021.

Ransomware

Ransomware HIPAA Licensing Governance

Virtual 40th National HIPAA Summit – Early Bird Discount Ends 2/3

HIPAA Journal

JANUARY 30, 2023

The National HIPAA Summit is the leading forum on healthcare EDI, privacy, breach notification, confidentiality, data security, and HIPAA compliance, and the deadline for registration for the Virtual 40th National HIPAA Summit is fast approaching.

US Department of Health and Human Services

US Department of Health and Human Services HIPAA Compliance Medicaid

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The post Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack appeared first on HIPAA Journal.

Ransomware

Ransomware Health Insurance HIPAA Licensing

Is Paubox HIPAA Compliant?

HIPAA Journal

JUNE 25, 2023

Paubox is HIPAA compliant and as an email encryption solution supports HIPAA compliance and can be used by Covered Entities and Business Associates to communicate Protected Health Information in emails without violating the standards of the HIPAA Privacy or Security Rules. What are the HIPAA Email Requirements?

HIPAA

HIPAA Compliance Compliance Officers Ransomware

Ransom Payments Exceeded $1 Billion in 2023

HIPAA Journal

FEBRUARY 8, 2024

A new report from Chainalysis has revealed victims of ransomware attacks paid hackers $1.1 These are also conservative figures, as the researchers are unaware of all of the cryptocurrency wallets used by ransomware gangs. The researchers believe this anomaly is linked to the Russia-Ukraine war.

Ransomware

Ransomware HIPAA Governance Hospitals

UHG says it's rebuilding Change Healthcare with cloud-based security

Healthcare It News

MAY 2, 2024

UnitedHealth Group CEO Andrew Witty testified on May 1 before both the House and Senate about the seismic February 21 cyberattack of UHG subsidiary Change Healthcare, which was infiltrated by the ALPHV ransomware gang. The particular ransomware attack made prime and backups inoperable.

US Department of Health and Human Services

US Department of Health and Human Services HIPAA Ransomware Governance

HIPAA & GRC Key to Principled Performance in Health Space

Compliancy Group

MAY 6, 2022

It’s sometimes hard to believe that the acronym GRC (Governance, Risk, Compliance) has been around for less than 20 years. HIPAA and GRC go hand in hand for companies operating in the healthcare sector. HIPAA & GRC – A Brief History. Let’s Simplify Compliance Do you need help with HIPAA? Learn More! ×

HIPAA

HIPAA Compliance Governance Ransomware

Artificial Intelligence, Extinction-Level Threat or Solution?

AIHC

MARCH 12, 2024

Written by the AIHC Education Department This article provides an overview of how the media and government are reacting to the potential of artificial intelligence (AI) and potential threats associated with this advanced technology. A Government-Commissioned Report Released February 2024 The U.S.

Ransomware

Ransomware Governance Compliance HIPAA

Interview: John Jessop, Sr. Director, HIPAA Security & Regulatory Compliance, PPFA

HIPAA Journal

NOVEMBER 29, 2022

HIPAA Journal is conducting interviews with healthcare professionals and service providers to find out more about their compliance journeys, how the HIPAA Rules have affected their working lives, and the successes and challenges they have faced with HIPAA compliance. Director, HIPAA Security & Regulatory Compliance, PPFA.

Regulatory Compliance

Regulatory Compliance HIPAA Compliance Federal Policy

Artificial Intelligence, Extinction-Level Threat or Solution?

AIHC

MARCH 12, 2024

Written by the AIHC Education Department This article provides an overview of how the media and government are reacting to the potential of artificial intelligence (AI) and potential threats associated with this advanced technology. A Government-Commissioned Report Released February 2024 The U.S.

Ransomware

Ransomware Governance Compliance HIPAA

Mid-Year Report Shows Healthcare Cyberattacks Have Increased by 69%

HIPAA Journal

OCTOBER 20, 2022

Healthcare now ranks fifth highest in the number of weekly attacks, behind education, government/military, ISP/MSP, and communications. Check Point says the fallout from this is likely to be felt by governments and enterprises worldwide. The ability of cyberattacks to affect everyday lives has become crystal clear.

Ransomware

Ransomware Governance HIPAA

Healthcare Organizations Warned About Evil Corp. Cybercrime Syndicate

HIPAA Journal

AUGUST 31, 2022

The group operates out of Russia and has been operational since at least 2009 and is responsible for the infamous Dridex banking Trojan and several other ransomware and malware variants, including BitPaymer, Hades, Phoenixlocker, WastedLocker, SocGholish, GameOver Zeus, and JabberZeus.

Ransomware

Ransomware Fraud Governance Public Health

HIPAA Compliant Environment or a Culture of Compliance?

Compliancy Group

APRIL 29, 2022

One of the trendy marketing terms being used by equipment and service providers in the security space is “HIPAA Compliant Environment.” Here are the things to consider to help evolve beyond a HIPAA Compliant Environment and create a Culture of Compliance that adds value to your organization. × Simplified HIPAA Compliance.

HIPAA

HIPAA Compliance Due Diligence Ransomware

HHS Warns of Potential Threats to the Healthcare Sector

HIPAA Journal

MARCH 2, 2022

HC3 has warned that threats could come from three areas: Threat actors linked to the Russian government, threat actors linked to the Belarussian government, and cybercriminal groups operating out of Russia and its neighboring states. The post HHS Warns of Potential Threats to the Healthcare Sector appeared first on HIPAA Journal.

US Department of Health and Human Services

US Department of Health and Human Services Ransomware Governance HIPAA

Global Healthcare Cyberattacks Increased by 74% in 2022

HIPAA Journal

JANUARY 10, 2023

With that increase, healthcare rose to become the third most attacked industry globally behind the government/military with 1,661 attacks a week (+46%) and education/research with 2,314 attacks a week (+43%). There were notable changes in the threat landscape in 2022, especially concerning ransomware attacks.

Ransomware

Ransomware HIPAA Hospitals Governance

CISA's ransomware fact sheet

The HIPAA Blog

AUGUST 24, 2021

The US Cybersecurity and Infrastructure Security Agency produced a fact sheet to help government and private sector organizations prevent and respond to ransomware attacks. I highly recommend you take a look:

Ransomware

Ransomware Governance

Building Cybersecurity Resilience in American Rural Hospitals: Embracing the NIST CSF to Tackle Evolving Threats

HIT Consultant

AUGUST 9, 2023

Mike Hamilton, Founder and CISO of Critical Insight To stop ransomware terrorists from locking up our Nation’s hospitals, the Federal Government is pushing patient-focused entities to align with a standard. Two years ago, the Colonial Pipeline fell victim to a ransomware attack. Negative publicity matters, significantly.

US Department of Health and Human Services

US Department of Health and Human Services Hospitals Ransomware Governance

OctaPharma Plasma Closes Donation Centers While It Deals with Suspected Ransomware Attack

Healthcare Ransomware Attacks Involve 20% of Stored Sensitive Data

Trending Sources

AHA, H-ISAC warn hospitals about Black Basta following Ascension cyberattack

Reactions to the Ascension Healthcare Ransomware Attack and Suggestions for Healthcare Organizations

Government Issues Warning to Healthcare Organizations About Daixin Team Extortion and Ransomware Attacks

290 Hospitals Potentially Affected by Ransomware Attacks in 2022

Healthcare Sector Warned About Cuba Ransomware Attacks

HC3 Sounds Alarm About Rhysida Ransomware Group

UnitedHealth Group Confirms Data Stolen in Change Healthcare Ransomware Attack

CISA Launches Ransomware Vulnerability Warning Pilot Program

Medusa Ransomware Group Leaks Data Stolen from American Renal Associates

Strengthening Cybersecurity Preparedness for Small Organizations: Lessons from the Change Healthcare Ransomware Attack

Ransomware Attacks Drop by 23% Globally but Increase by 328% in Healthcare

657 Healthcare Providers Affected by Ransomware Attack on Professional Finance Company

HIPAA Enforcement is Changing. Providers Must Too.

HC3 Shares Black Basta Ransomware Threat Intelligence Data

Warning Issued About North Korean Ransomware Attacks on Healthcare Organizations

CISA, FBI, NSA Warn of Increased Threat of Ransomware Attacks on Critical Infrastructure

Comprehensive LockBit Ransomware Cybersecurity Advisory Issued by CISA & Partners

Up to 11 Million Health Records Compromised in Cyberattack on Government Contractor

Russian National Indicted for Scripps Health Ransomware Attack; 11 TrickBot/Conti Actors Sanctioned

FBI: At Least 148 Healthcare Organizations Suffered Ransomware Attacks in 2021

Netwalker Ransomware Affiliate Sentenced to 20 Years in Jail

Oakbend Medical Center Suffers Ransomware Attack

Alvaria Confirms November 2022 Hive Ransomware Attack

What Healthcare Leaders Need to Do Now About Ransomware

Lehigh Valley Health Network and MKS Instruments Recovering from Ransomware Attacks

United Health Centers of San Joaquin Valley Notifies Patients About August 2021 Ransomware Attack

Virtual 40th National HIPAA Summit – Early Bird Discount Ends 2/3

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

Is Paubox HIPAA Compliant?

Ransom Payments Exceeded $1 Billion in 2023

UHG says it's rebuilding Change Healthcare with cloud-based security

HIPAA & GRC Key to Principled Performance in Health Space

Artificial Intelligence, Extinction-Level Threat or Solution?

Interview: John Jessop, Sr. Director, HIPAA Security & Regulatory Compliance, PPFA

Artificial Intelligence, Extinction-Level Threat or Solution?

Mid-Year Report Shows Healthcare Cyberattacks Have Increased by 69%

Healthcare Organizations Warned About Evil Corp. Cybercrime Syndicate

HIPAA Compliant Environment or a Culture of Compliance?

HHS Warns of Potential Threats to the Healthcare Sector

Global Healthcare Cyberattacks Increased by 74% in 2022

CISA's ransomware fact sheet

Building Cybersecurity Resilience in American Rural Hospitals: Embracing the NIST CSF to Tackle Evolving Threats

Stay Connected