Maria Perez
Maria is an experienced writer who has provided content for Healthcare Industry News since 2021. Working as a senior writer, Maria focuses on news reporting, making complex healthcare topics comprehensible for readers. Maria’s expertise and dedication to delivering accurate stories make Maria a trusted source on our site.
by Maria Perez | Aug 4, 2022 | Compliance News, Healthcare Industry News, Healthcare Information Technology, HIPAA News and Advice
Salusive Health, the developer of the myNurse platform, which helps physician practices facilitate disease management, has suffered a cyberattack that resulted in the compromise of patient data.
In the breach notification letters sent to patients, Salusive Health said that it found unauthorized activity in its computer system on March 7, 2022, quickly carried out containment, mitigation, and restoration work, and involved third-party cybersecurity professionals to help with those steps. The investigation confirmed that unauthorized people accessed the personal data and protected health information (PHI) of patients, such as name, phone number, sexuality, home address, email address, date of birth, health history, diagnosis and treatment data, dates of service, lab test results, prescription details, medical account number, provider name, group plan provider, medical insurance policy and group plan number, and claim data.
Salusive Health stated that it implemented additional security measures to prevent further breaches, has notified affected individuals and provided no-cost identity theft protection services, and submitted a report about the cyberattack to the Federal Bureau of Investigation. The breach has not yet been posted on the HHS’ Office for Civil Rights’ breach website, so it is not known how many people were affected.
Salusive Health also said in the breach notification letters that the difficult decision was made to stop clinical operations on May 31, 2022, which will allow patients to move their chronic care management and remote monitoring services back to their primary care physicians. Salusive Health said the decision to end operations is unrelated to the information security incident.
24,000 Patients Affected by New Creation Counseling Center Cyber Attack
New Creation Counseling Center (NCCC), based in Tipp City, OH, has just begun notifying 24,029 patients that their protected health information was probably compromised in a cyberattack.
NCCC discovered a breach of its IT systems on February 13, 2022, when its users could not access files on the network. The center promptly took steps to prevent further unauthorized access and launched an investigation to determine the nature and extent of the breach. NCCC confirmed that ransomware had been used to encrypt files and worked with third-party cybersecurity experts on the response and recovery.
NCCC stated that it continued to provide medical care to patients throughout and that the ransomware has been eradicated from its systems. Though the investigation did not find any evidence of data theft, it was not possible to rule it out. A review of files on the affected systems established that they contained names, phone numbers, addresses, email addresses, birthdates, Social Security numbers, health insurance details, intake forms, healthcare releases, and treatment information.
Notifications were sent to affected individuals beginning on April 12, 2022, and patients were offered one year of credit monitoring services for free.
by Maria Perez | Aug 1, 2022 | Compliance News, Healthcare Information Technology
Partnership Health Plan of California Coming Back from Suspected Ransomware Attack
The non-profit managed care health plan Partnership Health Plan of California (PHC), located in Fairfield, CA, experienced a cyberattack that left its IT systems inaccessible for more than one week. On March 21, 2022, PHC began informing regional healthcare clinics about the disruption of its IT systems, website, and phone lines, and that work was ongoing to restore its systems. No time frame was given for when IT systems would be restored.
PHC did not say in its announcements what caused the outage; however, it appears to have been a ransomware attack by the Hive ransomware gang. The Hive ransomware gang claimed responsibility for the attack on its clear web and dark web sites and stated that 400 gigabytes of data had been stolen from PHC systems, including 850,000 unique records containing names, SSNs, addresses, dates of birth, and other data. That statement has since been removed.
PHC has not stated whether ransomware was used or the extent to which plan members’ records were affected. PHC has approximately 618,000 health plan members throughout Northern California. The Hive ransomware group is known for attacking the healthcare sector, having earlier carried out ransomware attacks on Memorial Health System and Johnson Memorial Health in 2021.
Cancer and Hematology Centers of Western Michigan Experiences Ransomware Attack
Cancer and Hematology Centers of Western Michigan has recently reported that it experienced a ransomware attack in December 2021 that affected a portion of its database. The center said it worked with a third-party IT and forensics firm to investigate the breach and restore its systems.
The breach investigation did not find evidence indicating that any patient data was misused; however, the parts of its systems that the hackers accessed included some patients’ health records as well as staff members’ Social Security numbers and bank account data.
Cancer and Hematology Centers of Western Michigan has begun notifying affected individuals and has provided free credit monitoring services. Steps were taken to strengthen data security, such as decommissioning a few servers, providing additional training to staff, reviewing security policies and procedures, and partnering with a third-party business for regular security monitoring.
The breach was reported to the HHS’ Office for Civil Rights as affecting 43,071 individuals.
LockBit Ransomware Group Claims To Be Responsible for the Val Verde Regional Medical Center Attack
The LockBit ransomware gang has just posted information on its leak site about data stolen during a ransomware attack on Val Verde Regional Medical Center, based in Texas.
LockBit has posted about 400 MB of data on its website, containing information on over 96,000 individuals. The files include details such as names, birth dates, marital status, account numbers, patient ID numbers, addresses, email addresses, telephone numbers, employer addresses, guarantor names, referring doctor names, medical insurance data, notes, and other details.
Val Verde Regional Medical Center has not confirmed whether the LockBit group’s claim is true, and the breach is not yet displayed on the HHS’ Office for Civil Rights breach site.
by Maria Perez | Aug 1, 2022 | Compliance News, Telehealth News
A recent Comcast Business report reveals that 9.84 million Distributed Denial of Service (DDoS) attacks were reported in 2021, a 14% increase from 2019, though slightly lower than the preceding year’s 10.1 million attacks.
The minor drop in attacks was the result of a number of factors. 2020 was a notably bad year since it was a total lockdown year. People were working remotely and students were studying at home. Attackers had a unique situation that allowed them to launch an unprecedented number of DDoS attacks. The high prices of cryptocurrencies in 2021 meant that many threat actors redirected their botnets from conducting DDoS attacks to mining cryptocurrencies.
In 2021, 73% of DDoS attacks were conducted on just 4 sectors: government, education, healthcare, and finance. Attackers followed seasonal trends and events throughout the year, with education being attacked in line with the school year, while COVID-19 and vaccine availability prompted DDoS attacks on the healthcare sector.
Multi-vector attacks went up by 47% in 2021. Comcast Business DDoS Mitigation Services protected users against 24,845 multi-vector attacks aimed at layers 3, 4, and 7 (Network, Transport, and Application) at the same time. 69% of Comcast Business customers were affected by DDoS attacks in 2021, an increase of 41% from 2020, and 55% of Comcast Business customers suffered multi-vector attacks directed at layers 3, 4, and 7 concurrently. There was also a significant increase in the number of vectors used in multi-vector attacks, growing from 5 in 2020 to as many as 15 in 2021, with the amplification techniques used in the attacks increasing from 3 to 9.
DDoS attacks flood victims’ sites with traffic to make them unavailable, and though attacks are often conducted only for that purpose, it is common for DDoS attacks to be performed to distract companies and tie up resources while the attackers engage in other malicious activities. There is a strong link between DDoS attacks and data breaches. According to a Neustar survey, roughly half of businesses (47%) that experienced a DDoS attack identified a virus in their networks right after the attack, 44% said malware was activated, 33% reported a system breach, 32% reported customer data theft, 15% experienced a ransomware attack, and 11% were affected by financial theft.
The most critical attack that occurred in 2021 was a 242 Gbps DDoS attack, which is enough to overwhelm even high-bandwidth Ethernet Dedicated Internet (EDI) circuits in minutes. The scope of attacks has grown, and a pattern has emerged in which threat actors perform low-volume attacks to stay under the radar of IT teams and cause damage on a number of levels. This approach can degrade website performance, yet the attacks usually go unnoticed by IT teams, who only learn they were targeted when they begin receiving complaints from customers.
DDoS attacks are inexpensive to conduct, costing just a few dollars, while for a couple of hundred dollars, considerable attacks can be conducted that can cripple companies. DDoS attacks can be very costly for organizations. The attacks can stop businesses from communicating with their customers and meeting SLAs, and may cause disastrous financial and reputational damage. In a number of cases, the damage has been so serious that companies were forced to permanently shut down. For organizations that depend on availability, each minute of downtime can cause losses of as much as millions of dollars.
by Maria Perez | Jul 27, 2022 | Digital Health
Because of the increasing threat from ransomware attacks, the U.S. Department of Justice has introduced a new Ransomware and Digital Extortion Task Force that will concentrate on the entire ransomware ecosystem. The purpose is not just to bring the people performing the attacks to justice but also anyone who assists attackers, such as those who launder ransom payments.
The Task Force will include representatives from the DOJ criminal, national security, and civil divisions, the Federal Bureau of Investigation, and the Executive Office for United States Attorneys, and will work closely with the Departments of Homeland Security and the Treasury. The task force will additionally work to enhance collaboration with the private sector and international partners.
More resources will be used to deal with ransomware attacks, training and intelligence gathering will be enhanced, and the task force will work with the Department of Justice to investigate leads and connections to known cybercriminal organizations and nation-state threat groups. Besides aggressively pursuing all persons behind the attacks, the task force will provide recommendations to Congress on how best to assist victims of cyberattacks while discouraging ransom payments.
The task force will help address the growth of ransomware attacks by making them less profitable. According to an internal DOJ memo created by Acting Deputy Attorney General of DOJ, John Carlin, this process will consist of using all available civil, criminal, and administrative actions for enforcement, from takedowns of servers used to propagate ransomware to seizures of these criminal enterprises’ ill-gotten profits.
The goal of the task force is to better safeguard people and companies from ransomware attacks and to make sure the persons involved are brought to justice. Presently, ransomware gangs, members of which are usually based abroad, know that there is little chance of being caught and that attacks are very lucrative.
Ransomware attacks increased greatly in 2020, which was the worst year in terms of ransomware attacks. According to a recent Chainalysis report, ransomware groups collected more than $370 million in ransom payments in 2020, an increase of 336% from the prior year. Ransoms are frequently paid because victims know that paying the ransom demand, even though it is several million dollars, is a fraction of the cost of recovering from the ransomware attack without paying the ransom. The cost of attacks could easily be 10 or 20 times greater if no ransom is paid.
In 2019, the City of Baltimore did not pay a ransom of $75,000 and the breach cost the city over $18 million. According to the GetApp 2020 Data Security Survey, 28% of businesses have experienced a ransomware attack in the last 12 months and 75% of victims paid the ransom to minimize the cost of remediation.
The cost of ransomware attacks to the U.S. economy runs in the billions. Cybersecurity Ventures has forecast that ransomware attacks will keep increasing and are likely to occur at a rate of one every 11 seconds in 2021, and the overall cost of the attacks will rise to $20 billion in 2021 in America alone, with the worldwide cost predicted to reach $6 trillion in 2021.
by Maria Perez | Jul 26, 2022 | Digital Health
The latest research by Cynerio, a healthcare IoT security platform provider, has shown that 53% of connected medical devices and other healthcare IoT devices have at least one unresolved critical vulnerability that could potentially be exploited to gain access to systems and sensitive records or affect the availability of the devices. The researchers also found that one-third of bedside healthcare IoT devices have at least one unpatched critical vulnerability that could affect service availability or data privacy, or put patient safety at risk.
The researchers assessed the connected device footprints at over 300 hospitals to identify threats and vulnerabilities in their Internet of Medical Things (IoMT) and IoT devices. The most commonly used healthcare IoT devices are IV pumps, which make up approximately 38% of a hospital’s IoT footprint. These devices were found to be the most susceptible to attack, as 73% had a vulnerability that could jeopardize patient safety, service availability, or lead to data theft. 50% of VoIP systems contained vulnerabilities, with patient monitors, ultrasound devices, and medication dispensers the next most insecure device types.
The recently reported Urgent11 and Ripple20 IoT vulnerabilities are clearly a cause for concern; nevertheless, there are far more prevalent and easily exploitable vulnerabilities in IoT and IoMT devices. The Urgent11 and Ripple20 vulnerabilities affect close to 10% of medical IoT and IoMT devices, although the most common risk was weak credentials. Default passwords can easily be found in online device manuals, and weak passwords are prone to brute force attacks. One-fifth, or 21%, of IoT and IoMT devices were found to have default or weak credentials.
Most pharmacology, oncology, and laboratory units and substantial numbers of the devices used in neurology, radiology, and surgery departments were running outdated Windows versions (older than Windows 10), which are likely vulnerable.
Unaddressed software and firmware vulnerabilities are common in bedside devices, with the most common being improper input validation, improper authentication, and the continued use of devices for which a device recall notice was issued. Without visibility into the devices connected to the network and a detailed inventory of all IoT and IoMT devices, identifying and addressing vulnerabilities before attackers exploit them will be a serious challenge, and it is inevitable that certain devices will remain vulnerable.
Many medical devices are used in critical care settings, where there is very little downtime. Over 80% of healthcare IoT devices are used every month or more often, which gives security teams little time to identify and address vulnerabilities and segment the network. Having an IT solution in place that provides visibility into connected medical devices and gives key details on the security of those devices will allow security teams to identify vulnerable devices and schedule updates.
Frequently, it is not possible to apply patches. In many cases, medical IoT devices are in continual use and are often used beyond the end-of-support date. In these instances, the best security option is virtual patching, where steps are taken to prevent the exploitation of vulnerabilities, such as quarantining devices and segmenting the network.
Segmenting the network is one of the most critical steps to take to strengthen healthcare IoT and IoMT security. When segmentation is performed in a way that takes into account healthcare workflows and patient care contexts, Cynerio claims 92% of critical risks in IoT and IoMT devices can be successfully mitigated.
Nearly all medical IoT and IoMT cybersecurity initiatives are focused on developing a complete inventory of all IoT and IoMT devices and gathering data about those devices to identify potential risks. Hospitals and health networks don’t need more information; they need innovative solutions that reduce risks and enable them to combat cyberattacks, and as medical device security specialists, it’s time for all of us to step up.