Fraud and Ransomware - Health Care Compliance Brief

Netwalker Ransomware Affiliate Sentenced to 20 Years in Jail

HIPAA Journal

OCTOBER 6, 2022

An affiliate of the infamous Netwalker ransomware gang has been sentenced to serve 20 years in jail for his role in ransomware attacks on entities in the United States. A law enforcement investigation into the ransomware attacks conducted by Vachon-Desjardins on U.S. years in jail for a separate drug trafficking case.

Ransomware

Ransomware Fraud HIPAA COVID-19

290 Hospitals Potentially Affected by Ransomware Attacks in 2022

HIPAA Journal

JANUARY 3, 2023

Ransomware attacks continue to be conducted on healthcare organizations in high numbers but determining the extent to which healthcare organizations are being targeted by ransomware gangs is a challenge. While no deaths have been attributed to ransomware attacks, patient outcomes are affected by the delays in receiving treatment.

Ransomware

Ransomware Hospitals HIPAA Fraud

Lehigh Valley Health Network Sued After Ransomware Gang Publishes Nude Patient Images

HIPAA Journal

MARCH 15, 2023

A lawsuit has been filed against Lehigh Valley Health Network (LVHN) over its recent BlackCat ransomware attack. The attack saw files encrypted after data was exfiltrated as is typical in ransomware attacks; however, the attack stood out due to the aggressive move of the threat group to increase the pressure on LVHN to pay the ransom.

Ransomware

Ransomware HIPAA Fraud Licensing

CentraState Medical Center Facing Class Action Lawsuit Over December 2022 Ransomware Attack

HIPAA Journal

FEBRUARY 22, 2023

A lawsuit has been filed against Freehold Township, NJ-based CentraState Healthcare System over its December 2022 ransomware attack, a few days after the health system started sending notification letters to around 617,000 affected patients.

Ransomware

Ransomware Health Insurance Fraud HIPAA

Suspected DoppelPaymer Ransomware Core Members Arrested in Europol-Led Operation

HIPAA Journal

MARCH 7, 2023

DoppelPaymer ransomware first appeared in 2019. Since then, the ransomware has been used in dozens of attacks on critical infrastructure organizations and industries, and private companies. The ransomware is based on BitPaymer ransomware, which is part of the Dridex malware family.

Ransomware

Ransomware Fraud HIPAA Hospitals

Knowing Your Patient: Helping Healthcare Organizations Prevent Insurance Fraud

Healthcare IT Today

JUNE 2, 2023

Today’s threat landscape requires them to plan for ransomware and malware attacks, protect against traditional vulnerabilities in legacy equipment, and mitigate the risk of internal threats. With those competing priorities, fraud prevention does not always make its way to the top of the list of considerations, even when it should.

Fraud

Fraud Ransomware Licensing Governance

Revenetics Facing Class Action Lawsuit Over Royal Ransomware Attack and Data Breach

HIPAA Journal

MARCH 13, 2023

The Royal ransomware group claimed responsibility for the attack and issued a ransom demand to prevent the publication of the 16GB of data allegedly stolen in the attack. The post Revenetics Facing Class Action Lawsuit Over Royal Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware

Ransomware HIPAA Fraud

CommonSpirit Health Facing Class Action Lawsuit over Ransomware Attack and Data Breach

HIPAA Journal

JANUARY 6, 2023

The Chicago, IL-based health system, CommonSpirit Health, is facing a class action lawsuit over its October 2022 ransomware attack. Malicious actors gained access to its IT systems on September 16, 2022, and deployed ransomware on October 2, 2022.

Ransomware

Ransomware Electronic Medical Records Fraud Hospitals

877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider

HIPAA Journal

NOVEMBER 23, 2022

The Rochester Hills, MI-based prosthetics, orthotics, and accessibility solution provider, Wright & Filippis, has recently announced that it was the victim of a ransomware attack on its network. The post 877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider appeared first on HIPAA Journal.

Ransomware

Ransomware HIPAA Health Insurance Fraud

New York Ambulance Service Facing Multiple Class Action Lawsuits over Ransomware Attack

HIPAA Journal

DECEMBER 8, 2022

The New York ambulance service, Empress EMS, is facing multiple class action lawsuits over a ransomware attack that was detected on July 14, 2022. The Hive ransomware group was behind the attack, and as per the group’s modus operandi , after gaining access to the network, sensitive files were stolen, then files were encrypted.

Ransomware

Ransomware HIPAA Fraud

Point32Health Confirms Harvard Pilgrim Health Care Member Data Stolen in Ransomware Attack

HIPAA Journal

MAY 25, 2023

In April 2023, Point32Health, the second-largest health insurer in Massachusetts and the parent company of Tufts Health Plan and Harvard Pilgrim Health Care, announced it suffered a ransomware attack that resulted in system outages, including the systems that serviced members, accounts, brokers, and providers.

Ransomware

Ransomware Health Insurance HIPAA Medicare

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

HIPAA Journal

MAY 25, 2022

SAC Health said it is unaware of any actual or attempted misuse of patient data as a result of the break-in; however, as a precaution against identity theft and fraud, affected individuals have been offered complimentary credit monitoring services. Bryan County Ambulance Authority Ransomware Attack Affects 14,000 Patients.

Ransomware

Ransomware HIPAA Health Insurance Medicaid

FBI: At Least 148 Healthcare Organizations Suffered Ransomware Attacks in 2021

HIPAA Journal

MARCH 24, 2022

The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has released its 2021 Internet Crime Report , which reveals there were at least 649 ransomware attacks on critical infrastructure organizations from June 2021 to December 2021. Losses to ransomware are difficult to determine.

Ransomware

Ransomware Public Health HIPAA Fraud

Increasing ransomware attacks are healthcare's new 'pandemic'

Becker's Health IT

SEPTEMBER 6, 2022

Ransomware attacks targeting the healthcare industry have increased by 94 percent in the last year as patient data is used by hackers to commit fraud and identity theft, VentureBeat reported Sept.

Ransomware

Ransomware Fraud

Up to 184,000 Clients of Lutheran Social Services of Illinois Impacted by Ransomware Attack

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. Both healthcare organizations were recently added to the data leak site of the BlackCat ransomware group.

Ransomware

Ransomware HIPAA Hospitals Health Insurance

Telehealth fraud: Tampa pharmacy owner faces 10 years for $931M conspiracy

Healthcare IT News - Telehealth

JANUARY 27, 2021

Department of Justice announced Monday that four people and one company have recently pleaded guilty in a telemedicine pharmacy healthcare-fraud conspiracy that allegedly lasted for years. "Telemarketing fraud is a major threat to the integrity of government and commercial insurance programs," said Derrick L. ON THE RECORD.

Fraud

Fraud Telemedicine Ransomware COVID-19

San Andreas Regional Center Agrees to Settle 2021 Ransomware Attack Lawsuit

HIPAA Journal

JANUARY 31, 2023

San Andreas Regional Center – was filed in the Superior Court of California in response to the breach alleging the healthcare provider was negligent for failing to implement reasonable cybersecurity measures to protect against ransomware attacks, despite being aware of the high risk of attacks on the healthcare sector.

Ransomware

Ransomware Health Insurance Fraud HIPAA

Forefront Dermatology Proposes $3.75 Million Settlement to Resolve Ransomware Lawsuit

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware

Ransomware HIPAA Health Insurance Fraud

Second Class Action Lawsuit Filed Against CommonSpirit Health Over Ransomware Attack

HIPAA Journal

JANUARY 24, 2023

Another lawsuit has been filed against CommonSpirit Health over its 2022 ransomware attack and data breach that alleges the nation’s largest catholic health system failed to implement reasonable and appropriate safeguards to prevent unauthorized access to sensitive patient data.

Ransomware

Ransomware HIPAA Fraud Hospitals

Healthcare Organizations Warned About Evil Corp. Cybercrime Syndicate

HIPAA Journal

AUGUST 31, 2022

The group operates out of Russia and has been operational since at least 2009 and is responsible for the infamous Dridex banking Trojan and several other ransomware and malware variants, including BitPaymer, Hades, Phoenixlocker, WastedLocker, SocGholish, GameOver Zeus, and JabberZeus.

Ransomware

Ransomware Fraud HIPAA Public Health

NextGen Healthcare Facing Multiple Class Action Data Breach Lawsuits

HIPAA Journal

MAY 18, 2023

This was the second data breach to be reported by NextGen this year, with the earlier incident being a BlackCat ransomware attack. Further, NextGen had suffered a ransomware attack just a few weeks previously and should have known that security needed to be improved.

Ransomware

Ransomware HIPAA Fraud

Health-ISAC Report Explores Current and Emerging Cyber Threats to the Healthcare Sector

HIPAA Journal

MARCH 30, 2023

Ransomware and phishing continue to be the biggest cybersecurity concerns for healthcare organizations according to the February 2023 Current and Emerging Healthcare Cyber Threat Landscape report from Health-ISAC. Ransomware was the biggest concern for 2022 and 2023 with phishing and spear phishing in second.

Ransomware

Ransomware Fraud Medical Billing HIPAA

Patient Data Compromised in 5 Hacking Incidents, Ransomware Attacks, and Break-ins

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. The breach was reported to the HHS’ Office for Civil Rights using a placeholder of 501 and that figure has yet to be updated on the OCR breach portal; however, the threat actor behind the attack – the Lorenz ransomware group – has dumped a sample of the files online.

Ransomware

Ransomware Health Insurance HIPAA Hospitals

Settlement Reached in Preferred Home Care Data Breach Lawsuit

HIPAA Journal

MARCH 3, 2023

The attack was conducted by the Sodinokibi ransomware group, which published some of the stolen data on its data leak site. Claims will also be accepted up to a maximum of $3,500 per claimant to cover documented, extraordinary losses that have not already been reimbursed, such as losses to fraud and identity theft.

Ransomware

Ransomware Fraud HIPAA

Almost 6 Million Individuals Affected by PharMerica Data Breach

HIPAA Journal

MAY 17, 2023

In April 2023, the Money Message ransomware group announced it had breached the systems of PharMerica and its parent company, BrightSpring Health Services, and added both to its data leak site. The group claimed to have exfiltrated databases containing 4.7 PharMerica has now confirmed the extent of the data breach.

HIPAA

HIPAA Ransomware Health Insurance Fraud

Electromed Proposes $825,000 Class Action Data Breach Settlement

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. A lawsuit – Lutz, et al.

Ransomware

Ransomware Health Insurance HIPAA Fraud

Data Breaches Reported by University Urology and McPherson Hospital

HIPAA Journal

MAY 10, 2023

McPherson Hospital – Ransomware Attack McPherson Hospital in Kansas has recently issued notification letters to 19,020 patients to alert them about a July 2022 ransomware attack. It is currently unclear how many patients have been affected.

Hospitals

Hospitals Health Insurance Ransomware HIPAA

Cybercriminals Adopt Corporate Tactics to Address Declining Revenues

HIPAA Journal

MARCH 8, 2023

Ransomware gangs in particular have seen profits take a nosedive, with ransom payments decreasing by 38% year-over-year as victims refuse to pay up, even when there is the threat of publication of stolen data. In 2022, ransomware attacks were still common, with LockBit and BlackCat the top ransomware families.

Ransomware

Ransomware HIPAA Fraud

The Rise of Cybercrime: What the 2022 IC3 Report Reveals About Healthcare

Compliancy Group

MARCH 30, 2023

The report also identified several trends in cybercrime, including the increased use of social media platforms as a tool for scams and fraud, the rise of ransomware attacks, and the exploitation of virtual currency transactions. For individuals, cybercrime can result in identity theft, financial fraud, and emotional distress.

HIPAA

HIPAA Ransomware Fraud Compliance

Ransomware Attacks Directed at Businesses Grow

Total HIPAA

FEBRUARY 25, 2020

Ransomware attacks have surged in the last year.¹ Ransomware is a form of malware that infects devices via a Trojan, a kind of malicious code disguised as legitimate software. Frequency of Ransomware Attacks Increases. In 2019, ransomware incidents disrupted many organizations’ infrastructure and ability to do business.

Ransomware

Ransomware HIPAA Compliance Fraud

Healthcare Considerations: Addressing Cyber Risk in the Healthcare Industry

HIT Consultant

MAY 9, 2023

As a result, patients feared an increased risk of fraud. While it was not publicized how the attacker gained initial access to the company’s network, plaintiffs argued that it was the DCA’s poor cybersecurity practices that exposed them to the risk of identity theft and fraud. million Ransomware : 3.85 percent, cost: $73.6

Ransomware

Ransomware Health Insurance HIPAA Fraud

HHS Raises Awareness of Threats to Electronic Health Record Systems

HIPAA Journal

FEBRUARY 21, 2022

EHRs usually contain all the information required for multiple types of fraud, including names, addresses, dates of birth, Social Security numbers, other government and state ID numbers, health data, and health insurance information. Malware, and especially ransomware, pose a significant threat to EHRs.

HIPAA

HIPAA Ransomware Fraud Health Insurance

New York Law Firm Pays $200,000 to State AG to Resolve HIPAA Violations

HIPAA Journal

MARCH 28, 2023

A New York law firm that suffered a LockBit ransomware attack has agreed to pay a financial penalty of $200,000 to the New York Attorney General to resolve alleged violations of New York General Business Law and the Privacy and Security Rules of the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA

HIPAA Health Insurance Ransomware Malpractice

Avamere Holdings Facing Class Action Lawsuit Over 2022 Cyberattack

HIPAA Journal

AUGUST 30, 2022

While the nature of the attack was not disclosed, a ransomware group claimed credit for the attack and uploaded some of the stolen data to its data leak site. The post Avamere Holdings Facing Class Action Lawsuit Over 2022 Cyberattack appeared first on HIPAA Journal.

Nursing Homes

Nursing Homes Fraud HIPAA Ransomware

ZOLL Medical Says 1 Million Patients Affected by January Cyberattack and Data Breach

HIPAA Journal

MARCH 13, 2023

ZOLL Medical did not provide details of the exact nature of the cyberattack, such as whether malware or ransomware was involved, nor if any data was exfiltrated, but did state that no evidence of actual or attempted misuse of patient data has been detected. Notification letters are now being mailed to all affected individuals.

HIPAA

HIPAA Ransomware Fraud

True Health New Mexico Proposes Settlement to Resolve Class Action Data Breach Lawsuit

HIPAA Journal

MARCH 1, 2023

True Health New Mexico identified a security breach on October 5, 2021, with the investigation confirming that an unauthorized third party had gained access to its network and used ransomware to encrypt files. True Health New Mexico proposed the settlement to resolve claims related to these lawsuits with no admission of wrongdoing.

Fraud

Fraud Health Insurance HIPAA Ransomware

2022 Healthcare Data Breach Report

HIPAA Journal

JANUARY 24, 2023

The theft of protected health information places patients and health plan members at risk of identity theft and fraud, but by far the biggest concern is the threat to patient safety. Multiple studies have identified an increase in mortality rates at hospitals following ransomware attacks and other major cyber incidents.

HIPAA

HIPAA Ransomware Hospitals Health Insurance

Another Lawsuit Filed Against Connexin Software Over 2.2 Million-Record Data Breach

HIPAA Journal

FEBRUARY 14, 2023

Another lawsuit has been filed against Connexin Software over its August 2022 ransomware attack and data breach, which affected more than 2.2 On August 26, 2022, Connexin discovered hackers had gained access to its systems and used ransomware to encrypt files. million individuals.

Electronic Medical Records

Electronic Medical Records HIPAA Ransomware Health Insurance

Healthcare Security and Risk – 2023 Health IT Predictions

Healthcare IT Today

JANUARY 2, 2023

Healthcare is the number one type of data hackers set their sites on, and healthcare identity fraud is prevalent. For example, a report from Sophos found that 66% of healthcare organizations reported ransomware attacks last year, jumping from 34% in 2020. Ransomware attacks will continue to increase.

Ransomware

Ransomware Fraud Telemedicine Health Insurance

Oklahoma Institute of Allergy Asthma and Immunology Halts Operations After Cyberattack

HIPAA Journal

MAY 18, 2023

Larger healthcare providers may temporarily divert ambulances and cancel some appointments following a ransomware attack but do not typically halt operations, but smaller healthcare providers may be left with little alternative.

Ransomware

Ransomware HIPAA Health Insurance Fraud

2021 HIPAA “Wall of Shame” Healthcare Data Breaches Up 7.5%

Compliancy Group

JANUARY 25, 2022

Other findings in the report included: Ransomware-related data breaches have doubled in each of the past two years. At the current rate, ransomware attacks will surpass phishing as the number one root cause of data compromises in 2022. We may look back at 2021 as the year when we moved from the era of identity theft to identity fraud.

HIPAA

HIPAA Ransomware Compliance Fraud

Lamoille Health Partners Facing Class Action Lawsuit Over 58K-Record Data Breach

HIPAA Journal

SEPTEMBER 7, 2022

The Morristown, VT-based healthcare provider, Lamoille Health Partners, is facing a class action lawsuit over a June 2022 ransomware attack that affected almost 60,000 of its patients. The attack was detected on June 13, 2022, with the investigation confirming the attackers gained access to its network the previous day.

HIPAA

HIPAA Health Insurance Ransomware Fraud

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

OneTouch Point – Ransomware Attack Involving 4.11 Hackers had gained access to its network and used ransomware to encrypt files, with that information also potentially stolen in the attack. Professional Finance Company – Ransomware Attack Involving 1.92 Doctors’ Center Hospital – Ransomware Attack Involving 1.2

HIPAA

HIPAA Ransomware Health Insurance Hospitals

Cybercriminals seek to take advantage of rapid telehealth scale-up

Healthcare IT News - Telehealth

OCTOBER 28, 2020

"Mass adoption of this technology will lead to new cybercrime focus, with an emphasis on stealing patient data to enable fraud, target health data in ransomware attacks, trick patients in social engineering schemes, and target remote patient monitoring devices," wrote the report authors.

Telemedicine

Telemedicine Ransomware Fraud COVID-19

Netwalker Ransomware Affiliate Sentenced to 20 Years in Jail

290 Hospitals Potentially Affected by Ransomware Attacks in 2022

Trending Sources

Lehigh Valley Health Network Sued After Ransomware Gang Publishes Nude Patient Images

CentraState Medical Center Facing Class Action Lawsuit Over December 2022 Ransomware Attack

Suspected DoppelPaymer Ransomware Core Members Arrested in Europol-Led Operation

Knowing Your Patient: Helping Healthcare Organizations Prevent Insurance Fraud

Revenetics Facing Class Action Lawsuit Over Royal Ransomware Attack and Data Breach

CommonSpirit Health Facing Class Action Lawsuit over Ransomware Attack and Data Breach

877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider

New York Ambulance Service Facing Multiple Class Action Lawsuits over Ransomware Attack

Point32Health Confirms Harvard Pilgrim Health Care Member Data Stolen in Ransomware Attack

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

FBI: At Least 148 Healthcare Organizations Suffered Ransomware Attacks in 2021

Increasing ransomware attacks are healthcare's new 'pandemic'

Up to 184,000 Clients of Lutheran Social Services of Illinois Impacted by Ransomware Attack

Telehealth fraud: Tampa pharmacy owner faces 10 years for $931M conspiracy

San Andreas Regional Center Agrees to Settle 2021 Ransomware Attack Lawsuit

Forefront Dermatology Proposes $3.75 Million Settlement to Resolve Ransomware Lawsuit

Second Class Action Lawsuit Filed Against CommonSpirit Health Over Ransomware Attack

Healthcare Organizations Warned About Evil Corp. Cybercrime Syndicate

NextGen Healthcare Facing Multiple Class Action Data Breach Lawsuits

Health-ISAC Report Explores Current and Emerging Cyber Threats to the Healthcare Sector

Patient Data Compromised in 5 Hacking Incidents, Ransomware Attacks, and Break-ins

Settlement Reached in Preferred Home Care Data Breach Lawsuit

Almost 6 Million Individuals Affected by PharMerica Data Breach

Electromed Proposes $825,000 Class Action Data Breach Settlement

Data Breaches Reported by University Urology and McPherson Hospital

Cybercriminals Adopt Corporate Tactics to Address Declining Revenues

The Rise of Cybercrime: What the 2022 IC3 Report Reveals About Healthcare

Ransomware Attacks Directed at Businesses Grow

Healthcare Considerations: Addressing Cyber Risk in the Healthcare Industry

HHS Raises Awareness of Threats to Electronic Health Record Systems

New York Law Firm Pays $200,000 to State AG to Resolve HIPAA Violations

Avamere Holdings Facing Class Action Lawsuit Over 2022 Cyberattack

ZOLL Medical Says 1 Million Patients Affected by January Cyberattack and Data Breach

True Health New Mexico Proposes Settlement to Resolve Class Action Data Breach Lawsuit

2022 Healthcare Data Breach Report

Another Lawsuit Filed Against Connexin Software Over 2.2 Million-Record Data Breach

Healthcare Security and Risk – 2023 Health IT Predictions

Oklahoma Institute of Allergy Asthma and Immunology Halts Operations After Cyberattack

2021 HIPAA “Wall of Shame” Healthcare Data Breaches Up 7.5%

Lamoille Health Partners Facing Class Action Lawsuit Over 58K-Record Data Breach

Editorial: Lessons from Biggest HIPAA Breaches of 2022

Cybercriminals seek to take advantage of rapid telehealth scale-up

Stay Connected