Reading Room
Ransomware attack on Ascension St. Vincent’s legacy EMR spurs breach notice
SC Media, October 31, 2022
A “security event” deployed against several legacy systems, including an electronic medical record (EMR), at Ascension St. Vincent’s Coastal Cardiology in Georgia has led to the possible compromise of personal and health information tied to an undisclosed number of patients.
Healthcare Data Breach at GA Cardiology Practice Impacts 71K
Health IT Security, October 27, 2022
On August 15, Ascension St. Vincent’s Coastal Cardiology in Brunswick, Georgia, was alerted to a healthcare data breach involving “recently acquired Ascension St. Vincent’s Coastal Cardiology’s legacy systems including the electronic medical record.”
“No Ascension networks or systems, including the practice’s current electronic medical record, were affected by this incident,” the announcement noted.
Vast majority in healthcare industry hit with a cyberattack on cloud infrastructure in the last year
SC Media, October 27, 2022
Netwrix on Thursday reported that 61% of respondents in the healthcare industry suffered a cyberattack on their cloud infrastructure within the last 12 months, compared to 53% for other verticals.
Security Alert: Daixin Ransomware Targets Healthcare
Gov Info Security, October 24, 2022
Beware ransomware and data extortion shakedowns that trace to a cybercrime group called Daixin Team, which is especially targeting the healthcare sector.
Australia’s Medibank Health Insurance Data Held for Ransom, 200 GB of Medical Records Stolen
CPO Magazine, October 24, 2022
Cybersecurity woes for major Australian firms continue as health insurance giant Medibank experienced a data breach that saw 200 GB in medical records stolen by a hacker and held for ransom.
Ransomware Attack Has Varying Impacts Across CommonSpirit Facilities
Health IT Security, October 24, 2022
CommonSpirit Health is still in the process of responding to and recovering from a cyberattack that began in early October and impacted multiple facilities within the health system.
Urgent alert warns Daixan ransomware group hit multiple healthcare providers
SC Media, October 24, 2022
The Daixin ransomware group is actively, and successfully, targeting the healthcare sector in force, with multiple provider organizations facing extortion claims after falling victim to the actors’ tactics since June, according to an urgent joint alert from multiple federal agencies.
MercyOne says it has begun restoring systems following ransomware attack
MSN, October 21, 2022
More than two weeks after a ransomware attack crippled its parent company, MercyOne health system is beginning to restore certain systems that were taken offline.
#StopRansomware: Daixin Team
CISA, October 21, 2022
Alert (AA22-294A)
The FBI, CISA, and Department of HHS are releasing this joint CSA to provide information on the “Daixin Team,” a cybercrime group that is actively targeting U.S. businesses, predominantly in the Healthcare and Public Health (HPH) Sector, with ransomware and data extortion operations.
Keystone Health breach exposed health details of 235k people
Cyber News, October 19, 2022
Pennsylvania-based healthcare service provider Keystone Health suffered a major data breach exposing the protected health information (PHI) of close to a quarter of a million people.