phone : 281-443-2996

104 Lockhaven Dr. | Houston, TX 77073-5500

HIPAA & Cybersecurity Updates

  • Froedtert Health of Milwaukee, Wisconsin, notified 760 patients that their PHI was exposed after being illegally accessed by a former employee.
  • Hendrick Health of Abilene, TX notified 640,436 patients that their PHI was exposed after ransomware attack.
  • Salem Clinic of Oregon notified 20,000 patients that their PHI was exposed after ransomware attack hit Metro Presort, which processes the clinic’s mail.
  • The Center for Alternative Sentencing and Employment Services (CASES) of New York, notified an unknown number of clients that their info was exposed after email phishing attack.
  • ADT Inc., headquartered in Boca Raton, Florida, notified an unknown number of customers that their video feeds from their ADT security cameras were accessed illegally by a former employee.
  • Einstein Healthcare Network of Pennsylvania notified an unknown number of patients that their PHI was exposed after email phishing attack.
  • HIPAA fines are not just from the feds! HIPAA Journal magazine recently reported on all the fines/settlements that were levied by state attorneys general for HIPAA violations.  Includes:
    • CHS = $5 million
    • Anthem = $48.2 million
    • Premera Blue Cross = $10 million
  • Modern Healthcare magazine warns against most common email compromise attacks:
    • Fake vaccine appointments
    • Fake invoices
    • Fake email requests
    • Fake job listings
  • Wandera Cloud Security published results of survey:
    • During pandemic, employees are twice as likely to connect to inappropriate sites and infect network with malware
    • Attacks now occurring on weekends, and less on weekdays due to remote workers
    • 76% of executive are worried about security issues caused by remote workers
    • 60% of employees are using personal devices to access company network
    • 52% have experienced a malware incident on remote device
  • Intel Corp. is investing claims that an employee illegally accessed to part of its quarterly earnings announcement before it was allowed to be released.
  • Proofpoint Security published results of survey:
    • 46% of chief security officers (CSOs) and chief information security officers (CISOs) that ransomware is now the biggest cybersecurity threat they face.
    • Other top security concerns:
      • Insider threats
      • Cloud account compromise
      • Email phishing
      • Business email compromise
    • Okanogan County government offices in Washington notified an unknown number of citizens that their info was exposed after ransomware attack.
    • The US Department of Health & Human Services reported:
      • In 2020, there was a 25% increase in reported PHI breaches
      • Breaches have more than doubled since 2014
      • At least 29 patients had their PHI exposed in 2020
      • Main causes for PHI breaches include:
        • 82% = hacking/IT related
        • 27% = insider breaches
        • 6% = paper records
      • The FBI issued a Private Industry Notification, warning businesses that hackers are attacking enterprises in attempt to obtain employee credentials
        • Using chat rooms and vishing techniques
        • Then uses stolen credentials to access network and steal info and insert ransomware.
      • Apple paid $50,000 to two white hat hackers to successfully finding some serious vulnerabilities and accessing Apple’s servers.
      • The European Medicines Agency warned that hackers who stole COVID-19 vaccine info, manipulated it before placing it online to undermine trust in the vaccines.
      • Malwarebytes Cybersecurity admitted it was hacked by same group that breached SolarWinds IT software.
Share this post