Healthcare
Frederick Health data breach impacts nearly 1 million patients
A ransomware attack in January at Frederick Health Medical Group, a major healthcare provider in Maryland, has led to a data breach affecting nearly one million patients. With almost 4,000 employees and over 25 locations, Frederick Health is one of Frederick County’s largest employers. As the health system revealed in a late March notification to patients, […]
Yale New Haven Health data breach affects 5.5 million patients
Yale New Haven Health (YNHHS) is warning that threat actors stole the personal data of 5.5 million patients in a cyberattack earlier this month. YNHHS is a nonprofit healthcare network in Connecticut, the largest in the state, providing comprehensive care across five hospitals and 360 outpatient locations. It employs 30,000 health professionals and has an […]
Blue Shield of California leaked health data of 4.7 million members to Google
Blue Shield of California disclosed it suffered a data breach after exposing protected health information of 4.7 million members to Google’s analytics and advertisement platforms. The nonprofit health plan, which serves nearly 6 million members across California, published a data breach notification on its website stating that member data was exposed between April 2021 and January […]
New ResolverRAT malware targets pharma and healthcare orgs worldwide
A new remote access trojan (RAT) called ‘ResolverRAT’ is being used against organizations globally, with the malware used in recent attacks targeting the healthcare and pharmaceutical sectors. ResolverRAT is distributed through phishing emails claiming to be legal or copyright violations tailored to languages that match the target’s country. The emails contain a link to download a legitimate […]
Kidney dialysis firm DaVita hit by weekend ransomware attack
Kidney dialysis firm DaVita disclosed Monday it suffered a weekend ransomware attack that encrypted parts of its network and impacted some of its operations. DaVita is a major provider of kidney care services in the United States, operating over 2,600 outpatient treatment centers that provide dialysis to those suffering from kidney disease. It is a […]
US lab testing provider exposed health data of 1.6 million people
Laboratory Services Cooperative (LSC) has released a statement informing it suffered a data breach where hackers stole sensitive information of roughly 1.6 million people from its systems. LSC is a Seattle-based nonprofit organization that provides centralized laboratory services to its member affiliates, including select Planned Parenthood centers. It plays a crucial role within its niche, supporting […]
UK fines software provider £3.07 million for 2022 ransomware breach
The UK Information Commissioner’s Office (ICO) has issued a £3.07 million fine on Advanced Computer Software Group Ltd for a 2022 ransomware attack that exposed the sensitive personal data of 79,404 people, including National Health Service (NHS) patients. The cyberattack was announced in early August 2022 when various NHS services, including 111 emergency services, suffered significant outages, pointing […]
US health system notifies 882,000 patients of August 2023 breach
Hospital Sisters Health System notified over 882,000 patients that an August 2023 cyberattack led to a data breach that exposed their personal and health information. Established in 1875, HSHS works with over 2,200 physicians and has around 12,000 employees. It also operates a network of physician practices and 15 local hospitals across Illinois and Wisconsin, […]
US healthcare provider data breach impacts 1 million patients
Community Health Center (CHC), a leading Connecticut healthcare provider, is notifying over 1 million patients of a data breach that impacted their personal and health data. The non-profit organization provides primary medical, dental, and mental health services to more than 145,000 active patients. CHC said in a Thursday filing with Maine’s attorney general that unknown attackers gained […]
Backdoor found in two healthcare patient monitors, linked to IP in China
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device. Contec is a China-based company that specializes in healthcare technology, offering a range of […]