Reading Room
MultiCare Notifies 23K of Third-Party Breach
Health IT Security, December 23, 2022
MultiCare Health System in Washington suffered a third-party data breach that originated at its mailing service provider, Kaye-Smith. As previously reported, the breach at Kaye-Smith impacted other healthcare organizations, including 31,573 individuals at St. Luke’s Health System in Idaho. The breach impacted more than 23,000 individuals at MultiCare.
Toronto children’s hospital confirms it was hit by ransomware
IT World Canada, December 22, 2022
The impact of the ransomware attack that hit Toronto’s Hospital for Sick Children may last for weeks. In an online statement today the hospital said it anticipates that it will be a matter of weeks before all systems are functioning as normal. There is no evidence to date that personal information or personal health information has been impacted.
HHS alert warns KillNet hacktivist group targeted US healthcare entity
SC Media, December 22, 2022
The pro-Russian hacktivist group known as “KillNet” targeted a U.S. healthcare entity. The attack should serve as a warning to provider organizations to be on the alert and shore up defenses to prevent a similar outcome, according to the latest Department of Health and Human Services Cybersecurity Coordination Center alert.
US Healthcare Targeted in Royal Cyber Attacks
Tech Report, December 21, 2022
A new ransomware named Royal has infected Healthcare and Public Healthcare sectors in the US. It is unknown how many successful attacks have occurred but Health Sector Cybersecurity Coordination Center (HC3) have stated that ransoms from $250,000 to over $2 million USD have been demanded.
Royal overtakes LockBit as top ransomware in November as attacks increase 41%
SC Media, December 21, 2022
Ransomware attacks rose 41% last month as threat actor groups shifted top spots, according to new research from NCC Group.
HHS urges prompt patch of critical Citrix flaw after healthcare entities exploited
SC Media, December 19, 2022
Provider organizations are being urged to prioritize patching of a critical vulnerability in the Citrix Application Delivery Controller and Gateway platforms, as threat actors have already compromised multiple healthcare entities by exploiting the flaw.
Subcontractor Breach Affects 245K Medicare Beneficiaries
Gov Info Security, December 16, 2022
Nearly a quarter million Medicare beneficiaries require new identifiers and ID cards following a ransomware attack on a government contractor that compromised a range of sensitive personal and health information.
HHS reports third-party vendor incident compromised health data of 254K
SC Media, December 15, 2022
The Department of Health and Human Services Centers for Medicare and Medicaid Services is currently notifying 254,000 out of its 64 million Medicare beneficiaries that their data was compromised after a ransomware attack on one of its third-party vendors.
HC3 warns healthcare organizations of BlackCat ransomware variant
Becker’s Health IT, December 14, 2022
The Health Sector Cybersecurity Coordination Center, or HC3, is warning healthcare organizations to be on the lookout for the BlackCat ransomware variant.
Known to be in operation since November 2021, BlackCat has already targeted the healthcare and public health sector and is expected to continue, according to the Dec. 12 HC3 analyst note. It is “part of one of the most sophisticated ransomware-as-a-service operations in the global cybercriminal ecosystem,” HC3 said.
HHS Warns Healthcare Sector of LockBit 3.0, BlackCat Ransomware
Health IT Security, December 14, 2022
The HHS Health Sector Cybersecurity Coordination Center (HC3) issued two new analyst notes detailing the tactics and indicators of compromise for LockBit 3.0 and BlackCat. The LockBit ransomware family and the BlackCat ransomware variant have been observed targeting the healthcare sector.
Healthcare organizations should remain vigilant and apply recommended mitigations to reduce risk.