Year: 2020

In December 2019, the Department of Health and Human Services’ Office for Civil Rights received 38 reports of healthcare data breaches involving 500 or more records exposed, which is 8.57% more than the reported healthcare […]

The people behind the Maze ransomware are pushing through with their threats on victims to post stolen data during ransomware attacks when the ransom is not paid. In December, Southwire based in Carrollton, GA declined […]

Pulse Secure customers received an advisory from the Cybersecurity and Infrastructure Security Agency (CISA) to implement the patch for vulnerability CVE-2019-11510 of the 2019 Pulse Secure VPN . Cybercriminals continue to attack unpatched Pulse Secure […]

On January 1, 2020, the implementation of the California Consumer Protection Act (CCPA) began. CCPA gave state residents more privacy protections and new rights relating to their personal data. Healthcare data that is protected by […]

Healthcare provider InterMed based in Portland, ME is notifying 33,000 patients about the potential compromise of some of their protected health information (PHI) as a result of a phishing attack. InterMed detected the attack on […]

Adventist Health Sonora in California suffered unauthorized access by a person to a hospital associate’s email account causing the likely compromise of patient data. Adventist Health Sonora’s information security team discovered the email account compromise […]

To prevent the exploitation of critical vulnerabilities, Microsoft has released patches for all supported Windows versions that need immediate attention. Although no report of vulnerabilities exploitation has been received, the threat is serious and it […]

A recent survey by Buck revealed that a lot of group health plan sponsors do not fully comply with the Health Insurance Portability and Accountability Act Rules. Buck is a company providing integrated HR and […]

Threat actors nowadays commonly use ransomware for file encryption to prevent data access. In addition, they steal information and threaten the victims that their stolen data will be published or sold if they would not […]

A phishing attack on Alomere Health in Alexandria, MN resulted in the potential access of the protected health information (PHI) of almost 50,000 patients by unauthorized individuals. After discovering the phishing attack on November 6, […]

A week ago, the Federal Bureau of Investigation (FBI) released a flash alert cautioning private businesses in the United States regarding the possibility of Maze ransomware attacks. The alert came after several days from the […]

The U.S. Department of Justice (DOJ) announced that a former employee of an unnamed hospital in New York City pleaded guilty to employing malicious software to acquire the credentials of co-workers, which he afterward misused […]

In 2019, the Department of Health and Human Services’ Office for Civil Rights (OCR) issued 10 financial penalties and one civil monetary penalty. OCR received a total of $12,274,000 for the settlement of HIPAA violation […]

Center for Health Care Services (CHCS) based in San Antonio, TX encountered a cyberattack that resulted in computer systems de-activation during the holiday period. CHCS provides individuals with developmental handicaps, mental health problems, and substance […]

An alert issued by cybersecurity company Emsisoft mentioned the use of a decryptor bug by Ryuk ransomware victims to recover their records. Using this bug in the decryptor application could result in file corruption and […]