Reading Room

Becker’s Health IT, April 5, 2021

On March 25, the Bethesda, Md.-based Centers for Advanced Orthopaedics began notifying 125,291 patients, employees and dependents of a cyberattack that took place over a yearlong breach.

In a news release, the orthopedics center said that on Sept. 17, 2020, it identified unusual email activity and launched an investigation with assistance from cybersecurity experts. The investigation found that multiple employee email accounts were accessed by a cybercriminal between October 2019 and September 2020.

Read full Becker’s Health IT article.

SC Media, April 1, 2021

Organizations move on plans to strengthen security policies, increase training, invest in technology.

Read full SC Media article.

Computing, March 31, 2021

Patterns of unusual behaviour are the clearest signal of an attack, not programmes or files.

Read full Computing article.

Becker’s Health IT, March 31, 2021

Apple Valley (Minn.) Clinic, part of Minneapolis-based Allina Health, recently transitioned to the health system’s EHR platform following a ransomware attack on its tech services vendor that exposed nearly 158,000 patients’ information.

Read full Becker’s Health IT article.

Homeland Security, March 31, 2021

On March 31, Secretary Mayorkas outlined his vision and roadmap for the Department’s cybersecurity efforts in a virtual address hosted by RSA Conference, in partnership with Hampton University and the Girl Scouts of the USA.

Read Secretary Mayorkas’ prepared remarks on the Homeland Security website.

CPO Magazine, March 18, 2021

There was a general rise in cyber crime in 2020 due to pandemic conditions, but one notable trend that stood out was a spike in the number of major healthcare data breaches. A new report from cybersecurity firm Tenable reviews the entirety of 2020’s publicly disclosed breaches (along with the first two months of 2021) and finds that this spike can be overwhelmingly attributed to ransomware attacks.

Read full CPO Magazine article.

Becker’s Hospital Review, March 12, 2021

Six-hundred clinics, hospital and healthcare organizations were attacked by 92 individual ransomware attacks, affecting 18 million patient records in 2020. The costs of these attacks are almost $21 billion, a Comparitech study found.

The report highlighted ransomware attacks published by HHS that affected more than 500 people. Data breaches affecting fewer than 500 people were included if the breach was reported elsewhere, a limitation the researchers said “only scratch[es] the surface of the problem.”

Read full Becker’s Hospital Review article.

SC Media, March 9, 2021

If ransomware and data exfiltration attacks that targeted hospitals and vaccine researchers during the pandemic signaled a cyber hygiene crisis in health care, the SolarWinds supply chain attack demonstrated just how deep the problem goes.

A new report issued this week by the CyberPeace Institute seeks to illustrate the human impact that relentless cyberattacks have on health care staffers, patients and society. Featuring a compilation of interviews, outside research and recent news stories, the report offers key recommendations for various stakeholders.

Read full SC Media article.

Becker’s Hospital Review, March 9, 2021

More than 200,000 patients, providers and employees of Tacoma, Wash.-based MultiCare began receiving notice that their personal info had been exposed in a recent ransomware attack.

Read full Becker’s Hospital Review article.

Becker’s Hospital Review, March 8, 2021

Sandhills Medical Foundation notified patients that an external cloud vendor underwent a ransomware attack, exposing patients’ personal information, according to a news release. The attackers accessed Sandhills’ system on Nov. 15 and extracted Sandhills’ data before the ransomware attack was launched on Dec. 3.

Read full Becker’s Hospital Review article.