Ransomware Impacts

Health IT Security, December 23, 2022

MultiCare Health System in Washington suffered a third-party data breach that originated at its mailing service provider, Kaye-Smith. As previously reported, the breach at Kaye-Smith impacted other healthcare organizations, including 31,573 individuals at St. Luke’s Health System in Idaho. The breach impacted more than 23,000 individuals at MultiCare.

Read full Health IT Security article.

IT World Canada, December 22, 2022

The impact of the ransomware attack that hit Toronto’s Hospital for Sick Children may last for weeks. In an online statement today the hospital said it anticipates that it will be a matter of weeks before all systems are functioning as normal. There is no evidence to date that personal information or personal health information has been impacted.

Read full IT World Canada article.

SC Media, December 22, 2022

The pro-Russian hacktivist group known as “KillNet” targeted a U.S. healthcare entity. The attack should serve as a warning to provider organizations to be on the alert and shore up defenses to prevent a similar outcome, according to the latest Department of Health and Human Services Cybersecurity Coordination Center alert.

Read full SC Media article.

Tech Report, December 21, 2022

A new ransomware named Royal has infected Healthcare and Public Healthcare sectors in the US. It is unknown how many successful attacks have occurred but Health Sector Cybersecurity Coordination Center (HC3) have stated that ransoms from $250,000 to over $2 million USD have been demanded.

Read full Tech Report article.

SC Media, December 21, 2022

Ransomware attacks rose 41% last month as threat actor groups shifted top spots, according to new research from NCC Group.

Read full SC Media article.

SC Media, December 19, 2022

Provider organizations are being urged to prioritize patching of a critical vulnerability in the Citrix Application Delivery Controller and Gateway platforms, as threat actors have already compromised multiple healthcare entities by exploiting the flaw.

Read full SC Media article.

Gov Info Security, December 16, 2022

Nearly a quarter million Medicare beneficiaries require new identifiers and ID cards following a ransomware attack on a government contractor that compromised a range of sensitive personal and health information.

Read full Gov Info Security article.

SC Media, December 15, 2022

The Department of Health and Human Services Centers for Medicare and Medicaid Services is currently notifying 254,000 out of its 64 million Medicare beneficiaries that their data was compromised after a ransomware attack on one of its third-party vendors.

Read full SC Media article.

Becker’s Health IT, December 14, 2022

The Health Sector Cybersecurity Coordination Center, or HC3, is warning healthcare organizations to be on the lookout for the BlackCat ransomware variant.

Known to be in operation since November 2021, BlackCat has already targeted the healthcare and public health sector and is expected to continue, according to the Dec. 12 HC3 analyst note. It is “part of one of the most sophisticated ransomware-as-a-service operations in the global cybercriminal ecosystem,” HC3 said.

Read full Becker’s Health IT article.

Health IT Security, December 14, 2022

The HHS Health Sector Cybersecurity Coordination Center (HC3) issued two new analyst notes detailing the tactics and indicators of compromise for LockBit 3.0 and BlackCat. The LockBit ransomware family and the BlackCat ransomware variant have been observed targeting the healthcare sector.

Healthcare organizations should remain vigilant and apply recommended mitigations to reduce risk.

Read full Health IT Security article.

Healthcare Info Security, December 14, 2022

Ransomware operations have become expert at finding ways to make a victim pay, and healthcare organizations are no exception. But experts say there are multiple steps healthcare sector entities in particular can take to better protect themselves and ensure that in the event of an attack, they can quickly restore systems and never have to consider paying a ransom.

Read full Healthcare Info Security article.

Bank Info Security, December 13, 2022

A ransomware attack on the Irish healthcare system in 2021 has caused 80 million euros in damages and counting as the government continues to notify victims of the incident that their personal information was illegally accessed and copied.

Read full Bank Info Security.