Latest News Articles

TitleDescription
560 Healthcare Providers Fell Victim to Ransomware Attacks in 2020

Health IT Security, January 19, 2021

In 2020, Emsisoft data shows 560 healthcare provider facilities fell victim to ransomware attacks, of an overall 2,354 US entities hit by the malware variant.

Read full Health IT Security article.

After widespread hospital attacks, targeting of health care industry continues to rise

SC Media, January 5, 2021

A wave of ransomware attacks against hospitals in the United States and United Kingdom late last year shocked the conscious of many cybersecurity professionals. Things have only gotten worse for the health care industry since then.

Read full SC Media article.

BioTel Heart vendor breach left patients’ information public for nearly a year

Becker’s Health IT, April 5, 2021

BioTel Heart began informing 38,575 patients that a vendor data breach may have left their personal information exposed for nearly a year.

In a data breach notice, BioTel Heart said that on Jan. 28, the healthcare provider was informed about the data breach. It launched an investigation and learned that patients’ personal information was accessible to the public between Oct. 17, 2019, and Aug. 9, 2020.

Read full Becker’s Health IT article.

CIS Launches No-Cost Ransomware Service for U.S. Hospitals

Center for Internet Security (CIS), February 18, 2021

The nonprofit Center for Internet Security announced this week that it had launched a no-cost ransomware protection service for private hospitals in the United States. The Malicious Domain Blocking and Reporting service, which is already available for public hospitals, health departments and healthcare organizations, uses Enterprise Threat Protector software from the cybersecurity vendor Akamai to proactively identify, block and mitigate targeted threats.

Read full CIS article.

CISA Launches Campaign to Reduce the Risk of Ransomware

Cybersecurity & Infrastructure Security Agency (CISA), January 21, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) announced the Reduce the Risk of Ransomware Campaign today, a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat.

Read full CISA article.

Cyberattack Drives 2 UF Health Hospitals to EHR Downtime

Health IT Security, June 7, 2021

Reports show UF Health in Central Florida leadership is looking into a cyberattack against two of its hospitals, while operating under EHR downtime procedures.

Read full Health IT Security article.

Cyberattack on UVM Health Network Impedes Chemotherapy Appointments

The cyberattack has halted chemotherapy, mammogram and screening appointments, and led to 300 staff being furloughed or reassigned.

Read full threatpost.com article.

Cyberattacks on Healthcare Spike 45% Since November

Threat Post, January 5, 2021

The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike.

Read full Threat Post article.

Cybercriminals accessed Maryland orthopedic center’s emails for a year, affecting 125,000

Becker’s Health IT, April 5, 2021

On March 25, the Bethesda, Md.-based Centers for Advanced Orthopaedics began notifying 125,291 patients, employees and dependents of a cyberattack that took place over a yearlong breach.

In a news release, the orthopedics center said that on Sept. 17, 2020, it identified unusual email activity and launched an investigation with assistance from cybersecurity experts. The investigation found that multiple employee email accounts were accessed by a cybercriminal between October 2019 and September 2020.

Read full Becker’s Health IT article.

Cybersecurity for healthcare systems, medical devices more critical than ever

Today’s Medical Developments, June 11, 2021

Rise in ransomware attacks forcing hospitals to harden cybersecurity.

Cybercriminals have stepped up their game during the pandemic, launching ransomware attacks at a frenzied pace. In 2020, more than 90 U.S. healthcare organizations reported ransomware attacks, which affected over 600 separate clinics, hospitals and organizations and 18 million-plus patient records.

Read full Today’s Medical Developments article.

Dead System Admin’s Credentials Used for Ransomware Attack

Healthcare Info Security, January 28, 2021

Operators of the Nefilim ransomware used the credentials of a deceased system administrator to plant their crypto-locking malware in about 100 vulnerable systems during one attack, according to a recent report published by security firm Sophos.

Read full Healthcare Info Security article.

Emerging Tech Shapes the Next Generation of Military Health Care

GOVERNMENT CIO MEDIA & RESEARCH, April 19, 2021

Automation and AI can support medical decision-making on the battlefield, but security remains crucial.

Read full Government CIO Media & Research article.

FBI says Conti ransomware gang has hit 16 U.S. health and emergency networks

SC Media, May 21, 2021

The Federal Bureau of Investigation said that the same group of online extortionists blamed for striking the Irish health system last week have also hit at least 16 U.S. medical and first response networks in the past year.

Read full SC Media article.

FBI Warns Egregor Ransomware Actors Actively Extorting Entities

Cybersecurity News, Janury 7, 2021

A Wednesday FBI private industry notification warns entities that the threat actors behind Egregor ransomware are actively targeting and exploiting a range of global businesses.

Read full Cybersecurity News article.

FBI warns ransomware assault threatens US health care system

AP News, October 29, 2020

Federal agencies warned that cybercriminals could unleash a wave of data-scrambling extortion attempts against the U.S. health care system, an effort that, if successful, could paralyze hospital information systems just as nationwide cases of COVID-19 are spiking.

Read full AP News article. 

Hackers claim they stole Stanford Medicine data, posted info online: 4 things to know

Becker’s Health IT, April 5, 2021

Stanford University is investigating claims that hackers stole personal data from its medical school and published the information online.

Read full Becker’s Health IT article.

Hackers Dump More Health Data, as Feds Share Ransomware Factsheet

Health IT Security, February 8, 2021

The Conti ransomware hacking group recently released two massive healthcare data dumps tied to Leon Medical Centers and Nocona General Hospital on the dark web for sale. The leaks follow a newly released National Cyber Investigative Joint Task Force (NCIJTF) ransomware factsheet.

Read full Health IT Security article.

Health care organizations funnel dollars into security as pandemic, medical developments drive surge in attacks

SC Media, April 1, 2021

Organizations move on plans to strengthen security policies, increase training, invest in technology.

Read full SC Media article.

Health care ransomware attacks: Oklahoma health system driven to EHR downtime

SC Media, June 16, 2021

Stillwater Medical Center was hit with a ransomware attack on June 13 and is currently operating under electronic health record downtime as it attempts to bring its systems back online. The health system operates a number of care sites, specialist offices, hospitals and clinics in Oklahoma.

Read full SC Media article.

Health Care Ransomware Strains Have Hospitals in the Crosshairs

SECURITY INTELLIGENCE, April 23, 2021

The language of digital attacks shares a lot with the language of disease: ‘viruses’ ‘infect’ computers, and stopping their spread can be like trying to keep down a contagious disease.

Read full Security Intelligence article.

Health care system faces ‘very real’ threat of ransomware attacks

News Center Maine, June 16, 2021

Criminals usually target hospitals for medical records, since they can sell for 200 to 500 dollars on the dark web compared to 14 dollars for financial records.

Read full News Center Maine article.

Healthcare Organizations Bear the Brunt of Cyberattacks Amid Pandemic

DARK READING, January 6, 2021

Hospitals and other healthcare organizations bore the brunt of cyberattacks last year, all the while struggling to cope with the challenges posed by the COVID-19 pandemic.

According to a new report this week from Check Point Software, attacks on healthcare entities worldwide jumped 45% in the past two months as attackers tried to take advantage of the pandemic by disrupting operations and extorting ransoms from organizations under tremendous pressure to provide uninterrupted services.

Read full Dark Reading article.

Healthcare Organizations: Moving to High Alert for Ransomware

CSO ONLINE, April 13, 2021

Numerous healthcare facilities were attacked in the last year, including one incident in Germany that lead to a death when ransomware locked systems and a patient needing critical care was turned away.

Read full CSO Online article.

Healthcare’s Data Extortion Problem, and How to Prepare for Ransomware

HEALTH IT SECURITY, April 12, 2021

Data extortion attempts are now occurring in at least 70 percent of all ransomware attacks. How can healthcare providers best combat these pervasive tactics?

Read full Health IT Security article.

HHS Shares Resources for Avoiding Ransomware Attacks

American College of Radiology, June 16, 2021

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is encouraging organizations to familiarize themselves with the growing threat of ransomware — malicious software that blocks access to a computer system until an amount of money (ransom) is paid — and to take steps to avoid the threat. HHS recently provided links to online government resources to help healthcare facilities protect their computer systems from the ransomware threat.

Read full list of resources on acr.org.

Homeland Security Secretary Backs Call for Mandatory Disclosure of Ransomware Payments

NEXTGOV, April 29, 2021

DHS Secretary Alejandro Mayorkas said the department will work with a task force developed by the private sector on ways to tamp down the increase in ransomware attacks.

Read full NextGov article.

 

Minnesota clinic transitions to Allina Health’s EHR after ransomware attack

Becker’s Health IT, March 31, 2021

Apple Valley (Minn.) Clinic, part of Minneapolis-based Allina Health, recently transitioned to the health system’s EHR platform following a ransomware attack on its tech services vendor that exposed nearly 158,000 patients’ information.

Read full Becker’s Health IT article.

Minnesota’s Lake Region Healthcare Recovering From Ransomware Attack

IT Health Security, Janury 7, 2021

A ransomware attack struck Minnesota-based Lake Region Healthcare just before Christmas, resulting in some system disruptions; “activist” data leaks and two email hacks complete this week’s breach roundup.

Read full IT Health Security article.

Navajo Nation hospital the latest victim of brutal wave of ransomware attacks

Yahoo.com, March 3, 2021

When Rehoboth McKinley Christian Health Care Services in Gallup, New Mexico, was hit with a cyberattack earlier this year, the hospital’s staff had to revert to pen and paper to keep things running.

Read full Navajo Nation hospital ransomware attack article on Yahoo.com.

Opinion: We at Scripps Health were victims of a ransomware attack. Here’s what we’ve learned.

The San Diego Union-Tribune, June 10, 2021

This past year, we’ve witnessed doctors, nurses and hospitals on the front lines of the COVID-19 pandemic performing heroically in the face of the most difficult circumstances seen in a century. Just as it seems hospitals and health-care systems may be rounding a corner on coronavirus, the cybersecurity threat has been covertly plaguing our hospital systems and critical care facilities.

Read full San Diego Union-Tribune article.

Patients of a Vermont Hospital Are Left ‘in the Dark’ After a Cyberattack

NY Times, November 26, 2020

A wave of damaging attacks on hospitals upended the lives of patients with cancer and other ailments. “I have no idea what to do,” one said.

Cyberattacks on America’s health systems have become their own kind of pandemic over the past year as Russian cybercriminals have shut down clinical trials and treatment studies for the coronavirus vaccine and cut off hospitals’ access to patient records, demanding multimillion-dollar ransoms for their return.

Read full NY Times article.

Ransomware attack affects 750,000 Personal Touch patients, employees across U.S.

Becker’s Health IT, April 5, 2021

Personal Touch Holding Corp., the parent company of Personal Touch Home Care centers across the U.S., recently began notifying 753,107 patients and employees of a ransomware attack on its cloud-stored business records.

The data breach occurred between Jan. 20 and Jan. 27. On Jan. 27, Lake Success, N.Y.-based Personal Touch became aware of the cyberattack on the private cloud hosted by its service providers, a news release said.

Read full Becker’s Health IT article.

Ransomware attack alert! The tell-tale signals to look for

Computing, March 31, 2021

Patterns of unusual behaviour are the clearest signal of an attack, not programmes or files.

Read full Computing article.

Ransomware attack exposed info of 210K MultiCare patients, providers, workers

Becker’s Hospital Review, March 9, 2021

More than 200,000 patients, providers and employees of Tacoma, Wash.-based MultiCare began receiving notice that their personal info had been exposed in a recent ransomware attack.

Read full Becker’s Hospital Review article.

Ransomware attack on health care company, CaptureRx, exposes multiple providers

SC Media, May 10, 2021

A ransomware attack against CaptureRx, a drug-related administrative service provider in San Antonio, Texas, resulted in the exposure of the health information of patients or customers at several health care providers across the U.S., reports ZDNet.

Read full SC Media article.

Ransomware attacks on healthcare organizations cost nearly $21B last year, study finds

Becker’s Hospital Review, March 12, 2021

Six-hundred clinics, hospital and healthcare organizations were attacked by 92 individual ransomware attacks, affecting 18 million patient records in 2020. The costs of these attacks are almost $21 billion, a Comparitech study found.

The report highlighted ransomware attacks published by HHS that affected more than 500 people. Data breaches affecting fewer than 500 people were included if the breach was reported elsewhere, a limitation the researchers said “only scratch[es] the surface of the problem.”

Read full Becker’s Hospital Review article.

Ransomware Attacks: CISA Shares Operational Tech Asset Security Guide

Health IT Security, June 10, 2021

In response to ongoing ransomware attacks targeting operational tech assets and control systems of critical infrastructure entities, CISA published a guide to mitigation and response.

Read ful Health IT Security article.

Ransomware gang behind Ireland attack also hit US health and emergency networks

MSN, May 23, 2021

The ransomware attack that hobbled the Irish healthcare system was far from an isolated incident.  BleepingComputer and Gizmodo note that the FBI has issued a flash alert warning that the ransomware group behind the Ireland attack also targeted “at least” 16 healthcare and emergency networks, including police and 911 dispatch centers.  The group used Conti ransomware that steals files, encrypts systems and pressures victims into paying through a portal lest their data be sold or published online.

Read full MSN article.

Ransomware in healthcare: The inevitable truth

MedCity News, October 30, 2020

The best path forward for healthcare organizations is first to understand the characteristics, causes, and indicators of ransomware attacks and then be proactive in taking preventative measures.

Read full MedCity News article.

Ransomware Task Force releases long-awaited recommendations

SC Media, April 29, 2021

The Ransomware Task Force (RTF), a collaboration of more than 60 stakeholders, released its long-awaited ransomware framework on Thursday morning, advocating nearly 50 interlocking government and private sector strategies to tackle the criminal scourge.

Read full SC Media article.

 

Ransomware, supply chain attacks compel health care organizations to act

SC Media, March 9, 2021

If ransomware and data exfiltration attacks that targeted hospitals and vaccine researchers during the pandemic signaled a cyber hygiene crisis in health care, the SolarWinds supply chain attack demonstrated just how deep the problem goes.

A new report issued this week by the CyberPeace Institute seeks to illustrate the human impact that relentless cyberattacks have on health care staffers, patients and society. Featuring a compilation of interviews, outside research and recent news stories, the report offers key recommendations for various stakeholders.

Read full SC Media article.

Rise in Healthcare Data Breaches Driven by Ransomware Attacks

CPO Magazine, March 18, 2021

There was a general rise in cyber crime in 2020 due to pandemic conditions, but one notable trend that stood out was a spike in the number of major healthcare data breaches. A new report from cybersecurity firm Tenable reviews the entirety of 2020’s publicly disclosed breaches (along with the first two months of 2021) and finds that this spike can be overwhelmingly attributed to ransomware attacks.

Read full CPO Magazine article.

Secretary Mayorkas Outlines His Vision for Cybersecurity Resilience

Homeland Security, March 31, 2021

On March 31, Secretary Mayorkas outlined his vision and roadmap for the Department’s cybersecurity efforts in a virtual address hosted by RSA Conference, in partnership with Hampton University and the Girl Scouts of the USA.

Read Secretary Mayorkas’ prepared remarks on the Homeland Security website.

Texas Medical Center Breach Affects 640,000

Data Breach Today, January 22, 2021

An apparent ransomware incident at a Texas healthcare organization has potentially compromised the protected health information of more than 640,000 individuals.

Read full Data Breach Today article.

The Institute for Security and Technology (IST) Launches Multi-Sector Ransomware Task Force (RTF)

Institute for Security and Technology (IST), December 21, 2020

The Institute for Security and Technology (IST) — in partnership with a broad coalition of experts in industry, government, law enforcement, nonprofits, cybersecurity insurance, and international organizations — is launching a new Ransomware Task Force (RTF) to tackle this increasingly prevalent and destructive type of cybercrime. The RTF’s founding members understand that ransomware is too large of a threat for any one entity to address, and have come together to provide clear recommendations for both public and private action that will significantly reduce the threat posed by this criminal enterprise.

Read full IST article.

The National Cyber Investigative Joint Task Force Releases Ransomware Fact Sheet

FBI.gov, February 4, 2021

The National Cyber Investigative Joint Task Force (NCIJTF) has released a new joint-seal ransomware fact sheet. This educational product is intended to provide the public important information on the current ransomware threat and the government’s response, as well as common infection vectors, tools for attack prevention, and important contacts in the event of a ransomware attack.

Read full FBI.gov article.

Universal Health Services Estimates $67 Million in Ransomware Losses

Info Security Magazine, March 2, 2021

A ransomware attack on Universal Health Services (UHS) last autumn cost the company an estimated $67 million in downtime and related expenses, it has revealed.

The Fortune 500 healthcare organization has tens of thousands of employees in the US and UK and annual revenues exceeding $10 billion.

Read full Info Security Magazine article.

UVM Health Delays Epic EHR Implementation After Cyberattack, COVID-19

EHR Intelligence, January 6, 2021

One of 2020’s worst cyberattacks resulted in University of Vermont (UVM) Health delaying its Epic EHR implementation schedule.

Read full EHR Implementation article.

Vendor ransomware attack exposes patient information at South Carolina practice

Becker’s Hospital Review, March 8, 2021

Sandhills Medical Foundation notified patients that an external cloud vendor underwent a ransomware attack, exposing patients’ personal information, according to a news release. The attackers accessed Sandhills’ system on Nov. 15 and extracted Sandhills’ data before the ransomware attack was launched on Dec. 3.

Read full Becker’s Hospital Review article.

What Happens After a Ransomware Attack in the Health IT Environment?

Health IT Security, June 9, 2021

CyberMDX’s Ido Geffen takes a hard look at ransomware attacks within a healthcare environment, including what providers are getting wrong and needed security mitigations.

Read full Health IT Security article.

White House urges US companies to take ransomware seriously

Tech Republic, June 3, 2021

A new White House memo to business leaders underscores the threat of ransomware and offers advice on how to protect their companies.

Read full Tech Republic article.

Pin It on Pinterest

Share This