Hacking and Healthcare - Cyber Security Informer

Change Healthcare data breach impacted over 100 million people

Security Affairs

OCTOBER 25, 2024

The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. Change Healthcare now provided an update to the U.S.

Data breaches

Data breaches Healthcare Cybercrime Insurance

Change Healthcare data breach exposed the private data of over half the U.S.

Security Affairs

JANUARY 26, 2025

The Change Healthcare data breach is worse than initially estimated: approximately 190 million people have been affected. The Change Healthcare data breach is worse than initially estimated, the incident has impacted 190 million people. The incident impacted thousands of pharmacies and healthcare providers.

Healthcare

Healthcare Data breaches Insurance Cybercrime

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. A report in February 2022 from Sophos found Conti orchestrated a cyberattack against a Canadian healthcare provider in late 2021.

Healthcare

Healthcare Ransomware Cybersecurity Malware

News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches

The Last Watchdog

MARCH 24, 2025

24, 2025, CyberNewswire – – INE Security , a global provider of cybersecurity training and certification, today announced its initiative to spotlight the increasing cyber threats targeting healthcare institutions. Recent reports show healthcare has endured a record wave of cyber breaches. Cary, NC, Mar.

Healthcare

Healthcare Penetration Testing Education Cyber threats

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

DECEMBER 13, 2021

The attack disrupted services at several Irish hospitals and resulted in the near complete shutdown of the HSE’s national and local networks, forcing the cancellation of many outpatient clinics and healthcare services. To get up to speed, I interviewed over a dozen of the healthcare security industry’s best and brightest minds.

Healthcare

Healthcare Ransomware Antivirus Hacking

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data. Ransomware attacks on U.S.

Hacking

Hacking Healthcare Backups Ransomware

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Krebs on Security

MARCH 5, 2024

healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. In the third week of February, a cyber intrusion at Change Healthcare began shutting down important healthcare services as company systems were taken offline. There are indications that U.S.

Healthcare

Healthcare Ransomware Scams Government

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware)

Ransomware

Ransomware Hacking Social Engineering VPN

On the Irish Health Services Executive Hack

Schneier on Security

FEBRUARY 11, 2022

There was no security monitoring capability that was able to effectively detect, investigate and respond to security alerts across HSE’s IT environment or the wider National Healthcare Network (NHN). There was a lack of effective patching (updates, bug fixes etc.)

Antivirus

Antivirus Hacking Ransomware CISO

Alaska’s Department of Health and Social Services Hack

Schneier on Security

SEPTEMBER 21, 2021

Apparently, a nation-state hacked Alaska’s Department of Health and Social Services. Not sure why Alaska’s Department of Health and Social Services is of any interest to a nation-state, but that’s probably just my failure of imagination.

Hacking

Hacking Healthcare

ClickFix: How to Infect Your PC in Three Easy Steps

Krebs on Security

MARCH 14, 2025

In this scam, dubbed “ ClickFix ,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware.

Phishing

Phishing Malware Scams Passwords

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

“InfraGard connects critical infrastructure owners, operators, and stakeholders with the FBI to provide education, networking, and information-sharing on security threats and risks,” the FBI’s InfraGard fact sheet reads.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

UnitedHealth confirms Optum hack behind US healthcare billing outage

Bleeping Computer

FEBRUARY 23, 2024

Healthcare giant UnitedHealth Group confirmed that its subsidiary Optum was forced to shut down IT systems and various services after a cyberattack by "nation-state" hackers on the Change Healthcare platform. [.]

Healthcare

Healthcare Hacking

Memorial Hospital and Manor suffered a ransomware attack

Security Affairs

NOVEMBER 6, 2024

Memorial Hospital and Manor is a community hospital and healthcare facility that serves Decatur County and surrounding areas in southwest Georgia. It offers a range of healthcare services, including emergency care, inpatient and outpatient services, surgical care, and specialized medical services. Ransomware attacks on U.S.

Ransomware

Ransomware Healthcare Antivirus Data breaches

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Related: High-profile healthcare hacks in 2021. A cyber catastrophe may seem inevitable, but there are basic practices and actionable steps any healthcare organization can take to begin reducing the clear and present risk of being impacted by a cybersecurity event.

Healthcare

Healthcare Cyber Attacks Education Social Engineering

HMG Healthcare disclosed a data breach

Security Affairs

JANUARY 10, 2024

The Healthcare services provider HMG Healthcare has disclosed a data breach that impacted 40 affiliated nursing facilities. In November 2023, the Healthcare services provider HMG Healthcare discovered a data breach that exposed personal health information related to residents and employees at HMG affiliated nursing facilities.

Data breaches

Data breaches Healthcare Hacking Ransomware

Change Healthcare hacked using stolen Citrix account with no MFA

Bleeping Computer

APRIL 30, 2024

UnitedHealth confirms that Change Healthcare's network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company's Citrix remote access service, which did not have multi-factor authentication enabled. [.]

Healthcare

Healthcare Accountability Hacking Authentication

Healthcare Hack: UnitedHealth Pays Ransom, Reports $872M in Losses

SecureWorld News

APRIL 24, 2024

UnitedHealth Group, parent company of Optum and Change Healthcare, has confirmed that it paid the ransom demands of the cybercriminals behind the late February incident that led to widespread service outages in the U.S. healthcare industry.

Healthcare

Healthcare Hacking Ransomware Insurance

Norton Healthcare disclosed a data breach after a ransomware attack

Security Affairs

DECEMBER 9, 2023

Kentucky health system Norton Healthcare disclosed a data breach after it was a victim of a ransomware attack in May. Norton Healthcare disclosed a data breach after a ransomware attack that hit the organization on May 9, 2023. Norton Healthcare is a healthcare system based in Louisville, Kentucky (US).

Healthcare

Healthcare Data breaches Ransomware Insurance

Meta Pixel hack leads to US healthcare provider data breach affecting 3 million patients

CyberSecurity Insiders

OCTOBER 21, 2022

As this practice is against the data privacy rules of the United States, it can lead to a situation where the healthcare service provider can also be heavily penalized via class action lawsuits. The post Meta Pixel hack leads to US healthcare provider data breach affecting 3 million patients appeared first on Cybersecurity Insiders.

Data breaches

Data breaches Healthcare Hacking Data privacy

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. and New Jersey, as well as organizations in the healthcare and other sectors nationwide. The attacks hit law enforcement agencies in Washington, D.C.

Ransomware

Ransomware Healthcare Hacking Malware

ConnectOnCall data breach impacted over 900,000 individuals

Security Affairs

DECEMBER 16, 2024

ConnectOnCall is a telehealth platform and after-hours on-call answering service designed to enhance communication between healthcare providers and patients. ConnectOnCall mailed notice letters to all potentially impacted individuals for whom the healthcare providers had current mailing addresses on December 11, 2024.

Data breaches

Data breaches Identity Theft Healthcare Insurance

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. If convicted, the man could face up to 20 years in prison for each wire fraud count, 10 years for each computer hacking charge, and 5 years for conspiracy to commit computer fraud and abuse.

Cybercrime

Cybercrime Ransomware Healthcare Education

Healthcare fintech firm HealthEquity disclosed a data breach

Security Affairs

JULY 4, 2024

Healthcare firm HealthEquity disclosed a data breach caused by a partner’s compromised account that exposed protected health information. Healthcare fintech firm HealthEquity disclosed a data breach after a partner’s compromised account was used to access its systems. ” continues the Form 8-K.

Data breaches

Data breaches Healthcare Accountability Insurance

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

Black Basta has targeted at least 12 critical infrastructure sectors, including Healthcare and Public Health. Black Basta affiliates have targeted over 500 private industry and critical infrastructure entities, including healthcare organizations, in North America, Europe, and Australia.” reads the CSA.

Ransomware

Ransomware Telecommunications Healthcare Insurance

Omni Family Health data breach impacts 468,344 individuals

Security Affairs

OCTOBER 18, 2024

Omni Family Health is a nonprofit organization that provides healthcare services to communities in California, focusing on underserved populations. Omni Family Health aims to improve access to quality healthcare and address health disparities in the regions they serve.

Data breaches

Data breaches Healthcare Insurance Engineering

A cyberattack hit the US healthcare giant Ascension

Security Affairs

MAY 11, 2024

A cyberattack hit the US Healthcare giant Ascension and is causing disruption of the systems at hospitals in the country. Ascension is one of the largest private healthcare systems in the United States, ranking second in the United States by the number of hospitals as of 2019. ” reads the notice of security incident.

Healthcare

Healthcare Cyber Attacks Ransomware Hacking

A cyberattack impacted operations at UK Wirral University Teaching Hospital

Security Affairs

NOVEMBER 28, 2024

It provides healthcare for people of the Wirral Peninsula and the surrounding areas of North West England and North Wales. 2] The UK healthcare provider suffered a cyberattack that impacted its systems forcing the healthcare organization to postpone appointments and scheduled procedures.

Healthcare

Healthcare Ransomware Hacking

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

Security Affairs

JULY 7, 2022

US authorities have issued a joint advisory warning of North Korea-linked APTs using Maui ransomware in attacks against the Healthcare sector. Treasury Department issued a joint advisory that warn of North-Korea-linked threat actors using Maui ransomware in attacks aimed at organizations in the Healthcare sector. Pierluigi Paganini.

Healthcare

Healthcare Ransomware Encryption Government

Healthcare provider Ardent Health Services disclosed a ransomware attack

Security Affairs

NOVEMBER 28, 2023

The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. Ardent Health Services is a healthcare company that operates hospitals and other medical facilities in the United States. The healthcare provider disclosed that it has suffered a ransomware attack on November 23. .”

Healthcare

Healthcare Ransomware Technology Internet

Healthcare firm WebTPA data breach impacted 2.5 million individuals

Security Affairs

MAY 19, 2024

WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare management and administrative services. The US company disclosed a data breach that impacted almost 2.5 million people.

Data breaches

Data breaches Healthcare Insurance Identity Theft

Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients

Security Affairs

OCTOBER 20, 2022

Healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The US-based hospital healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. SecurityAffairs – hacking, Advocate Aurora Health).

Data breaches

Data breaches Healthcare Insurance Accountability

CISA adds NextGen Healthcare Mirth Connect flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

MAY 21, 2024

CISA adds NextGen Healthcare Mirth Connect deserialization of untrusted data vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a NextGen Healthcare Mirth Connect vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

Healthcare

Healthcare Engineering Hacking Risk

What's the Prescription for Cyber Resilience in Healthcare?

SecureWorld News

APRIL 9, 2024

billing and electronic payment system operated by Change Healthcare, a big division of UnitedHealth Group, is only the latest, but maybe greatest, example. RELATED: Hospitals Seek Federal Help as Change Healthcare Ransomware Attack Disrupts Payments ] The attack has left hundreds, if not thousands, of providers all over the U.S.

Healthcare

Healthcare Computers and Electronics Insurance Hacking

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Security Affairs

DECEMBER 8, 2024

Anna Jaques Hospital is a not-for-profit community healthcare facility located in Newburyport, Massachusetts. On January 19, the Money Messageransomware gang added the healthcare organization to its Tor leak site claiming the theft of 600GB of sensitive data, including PII and diagnoses.

Data breaches

Data breaches Insurance Healthcare Ransomware

Healthcare Security Problems, US Water & Wastewater Provider Hacked and Police Bag a Big Hacker - October NewsScam

GlobalSign

OCTOBER 31, 2024

Find out about the latest cybersecurity news, including a Water provider hack, updates on healthcare security, and recent criminal arrests.

Healthcare

Healthcare Hacking Cybersecurity

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

Identity Theft

Identity Theft Healthcare Hacking Technology

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. and its employee Guan Tianfeng for hacking U.S. ” The U.S.

Firewall

Firewall Hacking Malware Passwords

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

“During the height of the COVID-19 pandemic in 2020, Trickbot targeted hospitals and healthcare centers, launching a wave of ransomware attacks against hospitals across the United States,” the sanctions notice continued. A spam email from 2020 containing a Trickbot-infected attachment. Image: Microsoft.

Hacking

Hacking Cybercrime Ransomware Government

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Security Affairs

SEPTEMBER 20, 2024

Microsoft warns that financially motivated threat actor Vanilla Tempest is using INC ransomware in attacks aimed at the healthcare sector in the U.S. healthcare sector. The threat actor has been active since July 2022, it was observed targeting organizations in the education, healthcare, IT, and manufacturing sectors.

Healthcare

Healthcare Ransomware Cybercrime Manufacturing

Senators Say Healthcare Corporations Are 'Flunking Cybersecurity 101'

SecureWorld News

SEPTEMBER 27, 2024

healthcare system. The legislation is a direct response to a surge in cyberattacks targeting healthcare providers, breaching patient privacy, and disrupting care delivery across the nation. The legislation could potentially lower costs associated with recovery from breaches and improve public trust in healthcare services.

Healthcare

Healthcare Cybersecurity Artificial Intelligence Insurance

Threat actor sells data of over 750,000 patients from a French hospital

Security Affairs

NOVEMBER 21, 2024

Bleeping Computer reported that a threat actor using the moniker ‘nears’ (previously near2tlg) claimed to have had access to patient records of over 1,500,000 people following the hack of multiple healthcare organizations in France. Altered records may cause misdiagnoses or medical errors.

Computers and Electronics

Computers and Electronics Healthcare Identity Theft Data breaches

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Krebs on Security

MAY 6, 2020

” The assault on Fresenius comes amid increasingly targeted attacks against healthcare providers on the front lines of responding to the COVID-19 pandemic. For example, actors may seek to obtain intelligence on national and international healthcare policy, or acquire sensitive data on COVID-19-related research.”

Ransomware

Ransomware Healthcare Cyber Attacks Manufacturing

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

The US Treasurys OFAC also sanctionedYin Kecheng, a Shanghai-based cyber actor who was involved with the recent hack of the Department of the Treasury’s network. BeyondTrust provides Privileged Access Management and secure remote access, serving sectors like government, healthcare, banking, and energy. critical infrastructure.”

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

Change Healthcare data breach impacted over 100 million people

Change Healthcare data breach exposed the private data of over half the U.S.

Trending Sources

Conti’s Ransomware Toll on the Healthcare Industry

News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches

Inside Ireland’s Public Healthcare Ransomware Scare

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Cloak ransomware group hacked the Virginia Attorney General’s Office

On the Irish Health Services Executive Hack

Alaska’s Department of Health and Social Services Hack

ClickFix: How to Infect Your PC in Three Easy Steps

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

UnitedHealth confirms Optum hack behind US healthcare billing outage

Memorial Hospital and Manor suffered a ransomware attack

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

HMG Healthcare disclosed a data breach

Change Healthcare hacked using stolen Citrix account with no MFA

Healthcare Hack: UnitedHealth Pays Ransom, Reports $872M in Losses

Norton Healthcare disclosed a data breach after a ransomware attack

Meta Pixel hack leads to US healthcare provider data breach affecting 3 million patients

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

ConnectOnCall data breach impacted over 900,000 individuals

Russian Phobos ransomware operator faces cybercrime charges

Healthcare fintech firm HealthEquity disclosed a data breach

Black Basta ransomware gang hit BT Group

Omni Family Health data breach impacts 468,344 individuals

A cyberattack hit the US healthcare giant Ascension

A cyberattack impacted operations at UK Wirral University Teaching Hospital

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

Healthcare provider Ardent Health Services disclosed a ransomware attack

Healthcare firm WebTPA data breach impacted 2.5 million individuals

Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients

CISA adds NextGen Healthcare Mirth Connect flaw to its Known Exploited Vulnerabilities catalog

What's the Prescription for Cyber Resilience in Healthcare?

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Healthcare Security Problems, US Water & Wastewater Provider Hacked and Police Bag a Big Hacker - October NewsScam

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Chinese national charged for hacking thousands of Sophos firewalls

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Senators Say Healthcare Corporations Are 'Flunking Cybersecurity 101'

Threat actor sells data of over 750,000 patients from a French hospital

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Stay Connected