HIPAA Journal

DECEMBER 13, 2022

The Health Sector Cybersecurity Coordination Center (HC3) has released analyses of two ransomware variants that are being used in attacks on the healthcare sector: LockBit 3.0 LockBit ransomware was first detected in September 2019 when it was known as ABCD ransomware. and has code similar to DarkSide and BlackMatter ransomware.

Ransomware 129

Ransomware HIPAA 129

HIPAA Journal

FEBRUARY 27, 2023

The healthcare and public health (HPH) sector has been warned about cyberattacks involving MedusaLocker ransomware – one of the lesser-known ransomware variants used in cyberattacks on the sector. The ransomware variant was first detected in September 2019 and the group is thought to primarily target the HPH sector.

Ransomware 104

Ransomware HIPAA Public Health 104

HIPAA Journal

NOVEMBER 10, 2022

The Health Sector Cybersecurity Coordination Center (HC3) has recently shared details of the tactics, techniques, and procedures associated with Venus ransomware attacks, and has made several recommendations on mitigations that healthcare organizations can implement to improve their defenses against attacks.

Ransomware 109

Ransomware HIPAA 109

HIPAA Journal

MARCH 16, 2023

The Health Sector Cybersecurity Coordination Center (HC3) has shared threat intelligence information about the Black Basta ransomware group to help network defenders prevent and rapidly detect attacks in progress. The Black Basta group was first identified in April 2022 and is known to conduct ransomware and extortion attacks.

Ransomware 99

Ransomware HIPAA Governance 99

HIPAA Journal

JUNE 29, 2022

On June 25, 2022, a spokesperson for a threat group called DAIXIN Team contacted HIPAA Journal to share information about a ransomware attack and data theft incident at Fitzgibbon Hospital in Marshall, Missouri. DAIXIN Team was previously not known to HIPAA Journal and appears to be a new ransomware group.

Ransomware 119

Ransomware Hospitals HIPAA Health Insurance 119

HIPAA Journal

MAY 18, 2023

A joint cybersecurity alert has been issued by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) about the BianLian ransomware and data extortion group.

Ransomware 94

Ransomware HIPAA Public Health 94

HIPAA Journal

AUGUST 15, 2022

Multiple ransomware groups have adopted the BazarCall callback phishing technique to gain initial access to victims’ networks, including threat actors that have targeted the healthcare sector. That action could be to visit a malicious website or download a malicious file.

Ransomware 129

Ransomware HIPAA 129

HIPAA Journal

MARCH 1, 2022

Ransomware attacks have recently been reported by four healthcare providers across the country, which have collectively resulted in the exposure and potential theft of the protected health information of more than 49,000 individuals. The post Four Healthcare Providers Hit with Ransomware Attacks appeared first on HIPAA Journal.

Ransomware 138

Ransomware Licensing HIPAA Health Insurance 138

HIT Consultant

OCTOBER 4, 2023

More ransomware attacks targeted healthcare in 2022 than any other critical infrastructure sector, according to the FBI’s Internet Crime Complaint Center (IC3). However, there are gaps where more can be done to better protect against ransomware.

Ransomware 69

Ransomware Hospitals Nurses Doctors 69

HIPAA Journal

NOVEMBER 9, 2023

The Cyber Division of the Federal Bureau of Investigation (FBI) has issued a private industry notification that includes details of emerging techniques that are being used by ransomware gangs to gain initial access to victims’ networks. This type of attack is known as callback phishing and has been popular with ransomware gangs since 2022.

Ransomware 78

Ransomware HIPAA 78

HIPAA Journal

JANUARY 16, 2023

The Health Sector Cybersecurity Coordination Center (HC3) has shared threat intelligence on two sophisticated and aggressive ransomware operations – Blackcat and Royal – which pose a significant threat to the healthcare and public health (HPH) sector. Royal is now the most active ransomware operation, having surpassed Lockbit.

Ransomware 84

Ransomware HIPAA Public Health Hospitals 84

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. The breach was reported to the HHS’ Office for Civil Rights using a placeholder of 501 and that figure has yet to be updated on the OCR breach portal; however, the threat actor behind the attack – the Lorenz ransomware group – has dumped a sample of the files online.

Ransomware 81

Ransomware Health Insurance Hospitals Fraud 81

Compliancy Group

JUNE 29, 2022

Download the free cybersecurity eBook to get tips on protecting your patient information. Eye Care’s myCare Integrity solution was hacked via a ransomware attack on December 4, 2021. . During one week in mid-July alone, five eye care providers reported that patient data had been compromised by the ransomware attack.

Ransomware 98

Ransomware Electronic Medical Records HIPAA Compliance 98

HIPAA Journal

MARCH 10, 2022

The Austin, TX-based cloud hosting and data storage company DataHEALTH has announced it was the victim of a ransomware attack on November 3, 2021. The malware was detected on or around August 9, 2021, with the investigation confirming the malware was downloaded onto its systems on July 27, 2021. DataHealth. Dr. Douglas C.

Ransomware 127

Ransomware Licensing Health Insurance Hospitals 127

HIPAA Journal

JUNE 14, 2023

The group is financially motivated and often engages in data theft for extortion, with or without ransomware. FIN11 often deploys CLOP ransomware in its attacks, although it is unclear exactly how many CLOP ransomware attacks FIN11 has conducted. FIN11 also targeted HPH sector organizations during the COVID-19 pandemic.

Ransomware 86

Ransomware COVID-19 HIPAA Public Health 86

HIPAA Journal

AUGUST 4, 2023

Ransomware and information stealing malware were highly prevalent. Amadey has information stealing capabilities and is often used to perform reconnaissance before downloading additional malicious payloads. The RedLine information stealer and the Amadey bot were regularly blocked threats.

Ransomware 82

Ransomware Governance HIPAA 82

HIPAA Journal

MAY 9, 2023

In January 2023 , NextGen was added to the data leak site of the BlackCat ransomware group, although the listing was later taken down. The incident was investigated and a spokesman for NextGen said no patient data had been exposed or downloaded, and consequently this was not a reportable data breach.

Ransomware 120

Ransomware HIPAA Doctors 120

HIPAA Journal

AUGUST 12, 2022

The emails have an Evernote-themed lure to trick recipients into downloading a Trojan file that generates a login prompt to steal credentials. The link included in the email directs the user to the Evernote site, where they are prompted to download an HTML file – called message (3).html. Evernote Phishing Campaign. Source: HC3.

Ransomware 102

Ransomware HIPAA 102

HIPAA Journal

MARCH 30, 2023

Ransomware and phishing continue to be the biggest cybersecurity concerns for healthcare organizations according to the February 2023 Current and Emerging Healthcare Cyber Threat Landscape report from Health-ISAC. Ransomware was the biggest concern for 2022 and 2023 with phishing and spear phishing in second.

Ransomware 97

Ransomware Fraud Governance Medical Billing 97

HIPAA Journal

MARCH 27, 2023

Devices can be lost or stolen, they may connect to unsecured Wi-Fi networks, and software and applications may have vulnerabilities that can be exploited, resulting in unauthorized network access or the downloading of malware or ransomware. You can access/download the HC3 mobile device security checklist here (PDF).

Ransomware 103

Ransomware HIPAA Hospitals 103

HIPAA Journal

MAY 26, 2023

An updated version of the StopRansomware Guide has been published that includes further recommendations on actions that can be taken to reduce the risk of ransomware attacks. The updated StopRansomware Guide can be downloaded from CISA on this link.

Ransomware 56

Ransomware HIPAA Governance 56

HIPAA Journal

DECEMBER 1, 2022

An unauthorized individual was found to have gained access to its network and downloaded files containing the protected health information of 45,785 patients. Health Plan Member Data Potentially Compromised in Innovative Service Technology Management Services Ransomware Attack.

Health Insurance 103

Health Insurance Ransomware HIPAA Governance 103

HIPAA Journal

NOVEMBER 8, 2023

Mulkay Cardiology Consultants at Holy Name Medical Center has recently confirmed that it fell victim to a ransomware attack. Ransomware Gangs Claim Responsibility for Attacks on Healthcare Providers The following healthcare providers have recently been added to the data leak sites of ransomware groups. Summit Health (LockBit 3.0)

Ransomware 100

Ransomware Licensing Health Insurance HIPAA 100

HIPAA Journal

JULY 7, 2023

TrueBot is a downloader/botnet malware that establishes a connection with its command-and-control server, collects information on compromised systems, and is used for launching more extensive attacks on compromised networks. FIN11 has been using TrueBot malware to deploy Clop ransomware on victims’ networks.

Ransomware 101

Ransomware HIPAA 101

HIPAA Journal

JANUARY 31, 2024

Report: Security Breaches in Healthcare (Direct Download PDF, 1.9MB, 16 pages) An unwanted record was set in 2023 with 725 large security breaches in healthcare reported to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), beating the record of 720 healthcare security breaches set the previous year.

Ransomware 123

Ransomware HIPAA Hospitals Compliance 123

Healthcare IT Today

MARCH 23, 2023

While there are many tools and best practices to protect against ransomware, such as ensuring backups are segregated from production, proper incident response, file integrity monitoring, etc., From there, the hackers were able to infect the entire network with ransomware. How did it start?

Ransomware 120

Ransomware Hospitals Health Insurance HIPAA 120

Healthcare IT Today

OCTOBER 9, 2023

Prepare to Tackle Ransomware Ransomware often happens through three well-established and known vectors: phishing, remote desktop protocols (RDP) or remote administration of routers, firewalls, and other network systems, and misconfigured web applications. Measuring the return on investment is an age-old question.

Hospitals 73

Hospitals Ransomware Public Health 73

HIPAA Journal

JULY 7, 2023

The exploit “smashes the heap, connects back to an attacker-controlled server, downloads a BusyBox binary and opens an interactive shell,” said the researchers. Bishop Fox researchers then used an exploit to demonstrate the seriousness of the vulnerability.

Ransomware 92

Ransomware HIPAA 92

HIPAA Journal

MARCH 3, 2023

Phishing is one of the most commonly used initial access vectors in cyberattacks, commonly leading to costly account compromises, data breaches, and ransomware attacks. One-third of working adults were unable to define malware, phishing, and ransomware, and there has been little change in understanding since 2021.

Ransomware 127

Ransomware HIPAA 127

HIPAA Journal

OCTOBER 10, 2022

Threat actors leverage software tools that have already been installed to avoid having to download files via the Internet, malicious activities can be hidden within the logs along site legitimate use of these tools, and these tools are used to conduct malicious activities in the memory to evade security solutions.

Ransomware 97

Ransomware HIPAA Public Health 97

HIPAA Journal

SEPTEMBER 8, 2023

Just Kids Dental Suffers Ransomware Attack Acadia Health, LLC, doing business as Just Kids Dental, has started notifying 129,623 patients that some of their protected health information was stolen in an August 2, 2023, ransomware attack. Credit monitoring services are being offered to the affected individuals for 12 months at no cost.

Licensing 100

Licensing Ransomware Health Insurance HIPAA 100

HIPAA Journal

JUNE 8, 2023

The forensic investigation confirmed its systems had been accessed by an unauthorized individual between December 5, 2022, and December 21, 2022, and files had been downloaded. Alvaria confirmed in February that it was the victim of a Hive ransomware attack in November 2022. It is unclear if the two incidents are linked.

Ransomware 81

Ransomware Hospitals Medical Billing HIPAA 81

HIT Consultant

SEPTEMBER 5, 2023

For example, a physician might start consolidating information and clinical notes in Excel, perhaps even downloading that information to a flash drive to take home after work. This elevates the risk of exploitation by bad actors with ransomware. In other words, they can’t protect what they don’t see.

Ransomware 111

Ransomware Electronic Medical Records Hospitals HIPAA 111

Healthcare IT News - Telehealth

JANUARY 13, 2021

Cybersecurity breaches such as ransomware have already plagued healthcare organizations prior to the pandemic, and these incidents have increased in intensity and frequency during the pandemic - in many instances, crippling critical infrastructure systems and compromising the integrity of patient records.

COVID-19 102

COVID-19 Ransomware Telemedicine Hospitals 102

Healthcare IT News - Telehealth

MAY 17, 2022

In many cases the devices and wearables used by patients do not transmit data directly to the care-delivery organization, which helps to mitigate against the risk of malware, ransomware or other malicious software. Phishing and ransomware are the most significant security incidents, and a hot target.

Ransomware 125

Ransomware HIPAA Hospitals 125

Compliancy Group

OCTOBER 7, 2022

Application control blocks employees who may attempt to download applications like spyware, or malware that could give unauthorized users access to a network. Failure to have endpoint protection systems in place can cripple an organization if a ransomware attack allows an unauthorized party to access a network and corrupt data.

Ransomware 52

Ransomware HIPAA Doctors Compliance 52

HIPAA Journal

MARCH 21, 2022

As previously reported on this site, JDC Healthcare Management detected malware within its IT network on or around August 9, 2021, with the forensic investigation into the security breach confirming the malware was downloaded onto its systems on July 27, 2021. Suffers Ransomware Attack. Wheeling Health Right Inc.

Ransomware 101

Ransomware Licensing HIPAA Health Insurance 101