phone : 281-443-2996

104 Lockhaven Dr. | Houston, TX 77073-5500

Security

HIPAA & Cybersecurity Updates

  • Advocate Aurora Health of Wisconsin & Illinois notified 1,907 patients that their PHI was exposed after a mailing error by Diamond Healthcare Communications.
  • The Idaho Board of Nursing reported a potential breach exposing info on nurses in the state, being used by a hacking group to extort funds.
  • The Philadelphia Archdiocese of Pennsylvania notified 47 clergy abuse victims that their info was exposed after email leak.
  • Morgan Stanley, headquartered in New York City, NY, was sued by current and former customers who had their confidential info exposed during recent data breaches.
  • BeneSys, headquartered in Troy, MI, notified 1,070 patients that their PHI was exposed during recent data leak.
  • The Connection Inc., headquartered in Middletown, CT, notified an unknown number of patients their PHI was exposed after email phishing attack.
  • Summit Medical Associates of Fort Wayne, IN notified an unknown number of patients that their PHI was exposed after ransomware attack.
  • Hoag Clinic of Costa Mesa, CA notified 730 patients that their PHI was exposed after laptop computer was stolen.
  • USA Today newspaper reports that hacking attacks on hospitals for PHI increased during the pandemic
    • 80% of medical practices have been victims of cyberattacks
    • 51% reported patient safety concerns from attacks
    • 20% had business interrupted for more than 5 hours
    • 6000% increase in spam attacks
    • 75% increase in security incidents
    • $50 each being paid by hackers for PHI
  • The American Payroll Association, headquartered in San Antonio, TX notified 20,000 members that their info may have been exposed after discovery of skimmer malware on its website.
  • Cook Children’s Medical Center of Fort Worth, TX notified 1,768 patients that their PHI was exposed after a box of medical records were stolen.
  • Utah Pathology Services of Salt Lake City, UT notified 112,000 patients that their PHI was exposed after hacking incident.
  • United Memorial Medical Center of Houston, TX notified an unknown number of patients that their PHI was exposed after a ransomware attack.
  • Greenville Technical College of South Carolina notified an unknown number of students that their info may have been exposed after a ransomware attack.
  • Selma Unified School District of Selma, CA notified an unknown number of students that their info may have been exposed after a ransomware attack.
  • University of Virginia reported that one of its researchers was arrested after attempting to board a flight to China with stolen materials.
  • The City of Rocky Mount in North Carolina notified an unknown number of citizens that their info was exposed after ransomware attack.
  • Sudhish Kasaba Ramesh, former Cisco Corp. employee, pleaded guilty to deploying malware to shut down 16,000 Cisco WebEx Teams accounts and deletion of 456 virtual machines.
    • Faces 5 years in prison and deportation.
  • Ponemon Institute report states that average global cost of insider-caused breach is up 31% to $11.45 million
    • Frequency of incidents up 47%
    • Average of $211,533 per company cost per year
    • Average incident takes 77 days to contain
  • ZDNet magazine reports on BEC (business email compromise) hacking attacks:
    • Average attempt is now $80,000
    • Use email phishing attacks that focus on stealing login credentials
    • Then distribute malware
    • New BEC hacking group is Cosmic Lynx of Russia
  • Crowdstrike Security is reporting that an Iranian hacking group, named Pioneer Kitten (aka Fox Kitten or Parisite) is now selling access to compromised companies on the Dark Web.
  • Bryan Connor Herrell of Aurora, CO was sentenced to 11 years in prison for selling stolen items on the Dark Web.
  • Palau Corp. of Orlando, FL notified an unknown number of customers that their info was accessed during a recent cybersecurity incident.
  • Amphastar Pharmaceuticals of Rancho Cucamonga, CA notified an unknown number of patients that their PHI may have been accessed during recent cybersecurity incident.
  • Mansfield City School District of Ohio notified an unknown number of students that their info may have been access after ransomware attack.
  • Somerset Berkley Regional School District of Massachusetts notified an unknown number of students that their info was exposed after ransomware attack.
  • Jewish Federation of Greater Washington in Maryland reported that it lost $7.5 million after cyberattack.
  • Oregon State University in Corvallis, OR notified 1,700 students that their info was accessed during recent hacking incident.
  • Northwestern Memorial Healthcare of Chicago, IL notified 55,983 patients that their PHI was exposed after ransomware attack.
  • Spectrum Health of Grand Rapids, MI notified 52,500 patients that their PHI was exposed after ransomware attack.
  • Roper St. Francis Hospital of Charleston, SC notified 6,000 patients that their PHI was exposed after email phishing attack.
  • Miami-Dade School District of Florida announced that David Oliveros, a student, was arrested and charged with conducting 8 cyberattacks on the schools.
  • University of Illinois at Chicago Pain Clinic is being sued by a former patient, Bianca Anderson, for allegedly changing her medical records to wrongly label her as a cocaine user.
  • The federal government is warning U.S. universities, such as University of North Carolina-Chapel Hill, that the Chinese government is ramping up its hacking attempts in order to steal COVID-19 vaccine research.
  • Hamilton Health Center of Harrisburg, PA notified 10,393 patients that their PHI was exposed during recent email phishing attack.
  • Assured Imaging of Tucson, Arizona notified 245,000 patients that their PHI was exposed after ransomware attack.
Share this post