October 2020 - calHIPAA

Ryuk Ransomware Attackers are Targetting the Healthcare and Public Health Sector

October 30, 2020 Christine Garcia

The Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS) and the Federal Bureau of Investigation (FBI) have given an advisory regarding elevated Ryuk ransomware activity directed at the public […]

Aetna Paid $1 Million HIPAA Penalty for Three Data Breaches

October 29, 2020 Christine Garcia

Aetna Life Insurance Company and the associated covered entity (Aetna) has decided to resolve several potential HIPAA violations that the Department of Health and Human Services’ Office for Civil Rights (OCR) found in the course […]

Data Breach at Sonoma Valley Hospital and Lycoming-Clinton Joinder Board

October 28, 2020 Christine Garcia

On October 11, 2020, Sonoma Valley Hospital based in California encountered a computer security breach that resulted in the shutdown of its computer systems, hence “a significant downtime event” occurred. The hospital went ahead with […]

HITRUST Certification Proves LuxSci’s Commitment to Protecting Data Privacy and Security

October 26, 2020 Christine Garcia

LuxSci, a provider of HIPAA-compliant email communications services based in Massachusetts, has reported that it has gotten HITRUST CSF Certification. The HITRUST Common Security Framework (CSF) is an all-inclusive, certifiable platform for companies that generate, […]

HIPAA Enforcement Activity in September 2020

October 23, 2020 Christine Garcia

Before September, the HHS’ Office for Civil Rights only issued three financial penalties on covered entities and business associates over HIPAA violations. Yet, in September, there was a squall of notices regarding HIPAA settlements when […]

September 2020 Healthcare Data Breach Report

October 22, 2020 Christine Garcia

September is awful in terms of data breaches. HIPAA-covered entities and business associates reported 95 data breaches involving at least 500 records. The increase in breaches is 156.75% compared to last August 2020. There wasn’t […]

NCSC Issued an Active Threat Warning Concerning a SharePoint RCE Vulnerability

October 21, 2020 Christine Garcia

The UK National Cyber Security Centre (NCSC) just recently issued a security warning urging companies to patch a critical remote code execution vulnerability present in Microsoft SharePoint. There is also an advisory from the DHS […]

CISA Urges Organizations to Patch Wormable ‘Bad Neighbor’ Windows TCP/IP Vulnerability Now

October 20, 2020 Christine Garcia

On October 2020 Patch Tuesday, Microsoft launched a patch to fix a critical remove code execution vulnerability identified in the Microsoft Windows Transmission Control Protocol (TCP)/IP stack. The vulnerability is caused by the way TCP/IP […]

Silent Librarian Spear Phishing Campaign Targeting Universities Restarted

October 19, 2020 Christine Garcia

Silent Librarian, also known as Cobalt Dickens and TA407, centered in Iran has begun again spear-phishing attacks on colleges in America and all over the world. Since 2013, the hacking group has been executing attacks […]

Sen. Warner Inquires About the Alleged Universal Health Services Ransomware Attack

October 15, 2020 Christine Garcia

Universal Health Services has affirmed that its 250 hospitals in the USA are operational and hoping to catch a person thought to be behind the ransomware attack that shut down its systems for three weeks. […]

Cyber Attack on a Clinical Trial Software Provider eResearchTechnology

October 14, 2020 Christine Garcia

eResearchTechnology in Philadelphia is a company marketing software for clinical trials, for instance, the clinical trials relating to Covid-19 vaccines. The company experienced a ransomware attack last September 20, 2020 that affected several clients, including […]

CISA/FBI Alert on APT Groups Chaining Legacy Vulnerabilities with Netlogon Vulnerability

October 13, 2020 Christine Garcia

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint alert about advanced persistent hackers stringing exploits for a number of vulnerabilities in cyberattacks directed at federal and […]

Month: October 2020

Ryuk Ransomware Attackers are Targetting the Healthcare and Public Health Sector

Aetna Paid $1 Million HIPAA Penalty for Three Data Breaches

Data Breach at Sonoma Valley Hospital and Lycoming-Clinton Joinder Board

HITRUST Certification Proves LuxSci’s Commitment to Protecting Data Privacy and Security

HIPAA Enforcement Activity in September 2020

September 2020 Healthcare Data Breach Report

NCSC Issued an Active Threat Warning Concerning a SharePoint RCE Vulnerability

CISA Urges Organizations to Patch Wormable ‘Bad Neighbor’ Windows TCP/IP Vulnerability Now

Silent Librarian Spear Phishing Campaign Targeting Universities Restarted

Sen. Warner Inquires About the Alleged Universal Health Services Ransomware Attack

Cyber Attack on a Clinical Trial Software Provider eResearchTechnology

CISA/FBI Alert on APT Groups Chaining Legacy Vulnerabilities with Netlogon Vulnerability

Community Health Systems To Settle $5 Million to Resolve Multi-State Breach Case

HIPAA Right of Access Failure by Healthcare Provider Resulted in $160,000 Penalty

Ransomware Attacks on Accents on Health and Magnolia Pediatrics

Georgia Man Pleads Guilty for Framing a Former Acquaintance for HIPAA Rules Violation

Financial Data and SSNs Potentially Exposed in Blackbaud Ransomware Attack

Breach of PHI at Oaklawn Hospital and Mono County

Anthem Inc. Spends $48.2 Million in Penalties to Resolve Multi-State Lawsuits