Ransomware Impacts

SC Media, November 9, 2022

The Department of Health and Human Services breach reporting tool shows at least 10 more anesthesia practices have been added to the “data security incident” at a healthcare management company, first reported in October.

Read full SC Media article.

HHS, November 9, 2022

HC3: Analyst Note. Report: 202211091400
Venus Ransomware Targets Publicly Exposed Remote Desktop Services

HC3 is aware of at least one healthcare entity in the United States falling victim to Venus ransomware recently. The threat actors behind Venus ransomware operations are known to target publicly exposed Remote Desktop Services to encrypt Windows devices. This report provides additional information, indicators of compromise, techniques and corresponding mitigations associated with Venus ransomware.

Download HC3 Report as PDF.

MSN, November 9, 2022

Stolen health records for millions of Australians have been publicly released on the dark web following a threat by hackers 24 hours earlier to do precisely that. Last month, the unknown hackers demanded a ransom from Medibank, a private insurance provider in Australia, which the company refused to pay.

Read full MSN article.

SC Media, November 8, 2022

OpenText Security Solutions on Monday reported that some 84% of respondents to a small- and mid-sized business (SMB) survey are concerned about a ransomware attack on their business.

Read full SC Media article.

SC Media, November 7, 2022

Medibank, Australia’s largest health insurer, announced Monday that it will not pay a ransom to the hacker behind the recent data theft affecting 9.7 million customers.

Read full SC Media article.

SC Media, November 4, 2022

US financial institutions processed roughly $1.2 billion in ransomware-related payments last year, a nearly 200 percent increase compared to 2020, according to the Treasury Department.

Read full SC Media article.

ZD Net, November 1, 2022

Ransomware continues to be a significant cyber threat to businesses and the general public – but it’s difficult to know the true impact of attacks because many victims aren’t coming forward to report them.

Read full ZD Net article.

The Asahi Shimbun, November 1, 2022

A major hospital here suspended routine medical services after a ransomware cyberattack shut down the facility’s electronic medical record system, officials said on Oct. 31.

Osaka General Medical Center in the city’s Sumiyoshi Ward is still performing emergency operations, but it has stopped providing outpatient services and postponed other surgeries, hospital officials said at a news conference.

Read full The Asahi Shimbun article.

Gov Info Security, October 31, 2022

Why are so many ransomware-wielding attackers collectively shooting themselves in the foot? Ransomware victims who opt to pay a ransom have been seeing a “decline in quality and reliability” when it comes to quickly restoring affected systems, ransomware incident response firm Coveware reports.

Read full Gov Info Security article.

MSN, October 31, 2022

The White House is hosting its second annual summit, involving dozens of countries and tech companies, to thwart the threat of ransomware attacks.

Read full MSN article.

SC Media, October 31, 2022

A “security event” deployed against several legacy systems, including an electronic medical record (EMR), at Ascension St. Vincent’s Coastal Cardiology in Georgia has led to the possible compromise of personal and health information tied to an undisclosed number of patients.

Read full SC Media article.

Health IT Security, October 27, 2022

On August 15, Ascension St. Vincent’s Coastal Cardiology in Brunswick, Georgia, was alerted to a healthcare data breach involving “recently acquired Ascension St. Vincent’s Coastal Cardiology’s legacy systems including the electronic medical record.”

“No Ascension networks or systems, including the practice’s current electronic medical record, were affected by this incident,” the announcement noted.

Read full Health IT Security article.