Tag: Ransomware

Summary of article from Robinson & Cole LLP, by Linn F. Freedman:

The Health Sector Cybersecurity Coordination Center (HC3) has recently issued two critical alerts for the healthcare sector. The first alert, dated June 18, 2024, concerns Qilin (also known as Agenda Ransomware), a ransomware-as-a-service (RaaS) that targets healthcare organizations through spear phishing and other tools, employing double extortion tactics. The second alert, issued on June 27, 2024, highlights a critical vulnerability in the MOVEit file transfer platform, urging healthcare organizations to promptly patch the identified improper authentication processes to prevent exploitation. Progress, the platform’s owner, has released patches, but the vulnerability remains actively targeted by cyber threat actors. HC3 emphasizes the urgency of addressing these threats to protect against data loss and compromise.

Summary of article from Pro IT Today, by Christopher Tozzi:

Healthcare organizations can ensure cloud compliance by adopting several key practices. Implementing a zero trust security strategy is essential to protect sensitive data by granting access only when necessary. Educating cloud engineers about specific compliance requirements and using cloud data loss prevention (DLP) tools to detect and secure sensitive information are also crucial steps. Additionally, considering on-premises storage for highly sensitive data and opting for simpler cloud architectures can help minimize compliance risks. These measures collectively support the secure and compliant management of healthcare data in cloud environments.

Summary of article from MedCity News, by Mohammad Wagas:

The healthcare industry is under increasing threat from cyberattacks, highlighting an immediate need for stronger security measures. To address this, four key strategies are recommended: enhancing analysis of security risks, fostering a cybersecurity culture among all staff, segmenting networks to limit potential damage, and ensuring robust external surface defense. Comprehensive risk analysis tools and consistent cybersecurity education for staff are imperative. Implementing a Zero Trust architecture and conducting regular security audits of third-party vendors are also key. These initiatives align with medical ethics and ensure patient safety and their trust in technology.

Summary of article from CNBC, by Ashley Capoot:

UnitedHealth Group confirmed the company paid a $22 million ransom after hackers breached its subsidiary, Change Healthcare, affecting the healthcare sector broadly. The breach left many doctors unable to fill prescriptions or get paid for their services temporarily. Witty revealed that the cybercriminals accessed Change Healthcare through a server that lacked multi-factor authentication, a security measure now implemented across all UnitedHealth’s external-facing systems. The breach compromised files containing protected health information and personally identifiable information, with a data review ongoing. UnitedHealth is working with regulators to assess the breach and notify affected individuals, while also implementing measures to prevent future cyberattacks.

Summary of article from GovInfo Security, by Marianne Kolbasuk McGee:

Ernest Health, a Texas-based operator of rehabilitation hospitals, is facing multiple federal proposed class action lawsuits following a ransomware attack that potentially compromised the sensitive information of over 101,000 individuals across several states. The company reported 33 separate breaches involving a network server and a HIPAA business associate at rehabilitation and long-term care hospitals in 12 states. The lawsuits allege that Ernest Health’s negligence in failing to protect sensitive personal information puts the plaintiffs at risk of identity theft and other crimes. The compromised information includes names, addresses, birthdates, medical record numbers, health insurance plan member IDs, claims data, diagnosis, and prescription information, with some Social Security numbers and driver’s license numbers also affected. In response to the incident, Ernest Health has implemented additional safeguards and technical security measures to further protect and monitor its systems.

Summary of article from Ars Technica, by Dan Goodin:

Change Healthcare, a US health care services provider, was attacked by ransomware group ALPHV or BlackCat, disrupting the US prescription market for two weeks. The breach occurred due to a compromised account that lacked multifactor authentication (MFA), allowing hackers to access and exfiltrate data. The company paid a ransom of $22 million to ALPHV and spent two weeks rebuilding its IT infrastructure. The attack resulted in a cost of $872 million in the first quarter, leading to accelerated payments and no-interest, no-fee loans of over $6.5 billion to affected providers. Currently, the company’s payment processing is at 86% of its pre-incident levels.

Summary of article from Guidepost Solutions LLC, by Todd Doss:

In February 2024, Change Healthcare fell victim to a ransomware attack due to vulnerabilities in its infrastructure, including outdated software and misconfigured settings. The attackers used sophisticated malware to access the network and breach sensitive data, including patient records, financial data, and administrative details. The incident underscores the importance of robust cybersecurity measures, such as regular data backups, software updates, strong passwords, network segmentation, and continuous employee education. Organizations are also advised to avoid paying ransoms and to stay informed about cybersecurity trends. Lastly, consulting with third-party cybersecurity experts can help assess vulnerabilities and strengthen an organization’s security posture.