Reading Room
Memorial Health Faces Lawsuit After Hive Ransomware Cyberattack
Health IT Security, January 26, 2022
Hive ransomware group claimed responsibility for an August 2021 cyberattack against Memorial Health System, and victims are now demanding answers.
Lessons Learned from Ireland’s Healthcare System Ransomware Attack
Security Boulevard, January 26, 2022
In May 2021 Ireland’s public healthcare system, the Health Services Executive (HSE), was hit with a ransomware attack that proved to be extremely costly and disrupted healthcare for months.
A detailed post-mortem of the attack, produced by consulting firm PriceWaterhouseCoopers, (PWC) runs to 150 pages. The report includes not only a description of what happened, but an analysis of mitigating factors and recommendations as well. There’s a lot that can be learned from this attack and from the PriceWaterhouseCoopers report.
Threat Actors Shift Tactics, Targets As Ransomware Evolves
Health IT Security, January 25, 2022
As ransomware continues to evolve, threat actors are favoring double extortion, RaaS, and software vulnerability exploits.
HC3: Healthcare Adversaries Are Actively Leveraging Log4j Vulnerabilities
Cybersecurity News, January 24, 2022
HC3 issued a detailed brief regarding Log4j vulnerabilities, which are being actively exploited by known healthcare adversaries.
Memorial Health System Confirms Data Breach
Info Security, January 21, 2022
A cyber-attack on an Ohio-based health system may have exposed the protected health information (PHI) of 216,478 patients.
HHS shares Log4j remediation guide, urges healthcare to assume compromise
SC Media, January 21, 2022
The Department of Health and Human Services Cybersecurity Coordination Center (HC3) issued a nearly 50-page guide on the threat and potential impact of the Log4j vulnerability found in the Apache Foundation logging tool.
Healthcare Cyberattacks, Vendor Mishaps Result in PHI Exposure
Health IT Security, January 19, 2022
Third-party vendor errors and healthcare cyberattacks continue to jeopardize patient privacy and cause PHI exposure.
Whether PHI exposure results from healthcare cyberattacks, employee errors, or vendor mistakes, the consequences of a healthcare data breach can be detrimental to patient privacy and security.
10 nations coordinate shutdown of ransomware VPN service
SC Media, January 18, 2022
On Monday, law enforcement agencies in 10 nations, including the FBI in the United States, shut down a 15-server VPN service used to anonymize ransomware attacks.
Ransomware: 2,300+ local governments, schools, healthcare providers impacted in 2021
ZD Net, January 18, 2022
An Emsisoft report found that more than 1,000 schools alone were disrupted by ransomware incidents.
Additional Healthcare Firms Disclose Impact From Netgain Ransomware Attack
Security Week, January 17, 2022
Healthcare providers Caring Communities and Entira Family Clinics are warning patients that their personal information may have been exposed in a data breach that hit tech vendor Netgain Technology more than a year ago.
In late November 2020, Netgain, which provides managed IT services to organizations in sectors such as accounting, healthcare, and legal, fell victim to a ransomware attack that also resulted in the compromise of customer data.