HIPAA Journal

AUGUST 5, 2022

Cybersecurity and Infrastructure Security Agency has published a list of the top malware strains identified in 2021. In recent years there has been a major increase in the use of ransomware. Ransomware encrypts files on targeted systems to prevent data access, and a ransom demand is issued for the keys to unlock the encryption.

Ransomware 139

Ransomware COVID-19 HIPAA 139

HIPAA Journal

AUGUST 3, 2022

Fast Track Urgent Care, a network of urgent healthcare clinics in Florida, has confirmed that 258,411 individuals have had their protected health information exposed and potentially stolen in a ransomware attack on billing and practice management vendor, PracticeMax.

Ransomware 114

Ransomware Health Insurance Licensing HIPAA 114

HIPAA Journal

MARCH 11, 2025

A settlement has been agreed to resolve a lawsuit against the Rhode Island Public Transit Authority (RIPTA) and UnitedHealthcare New England (UHC) over a 2021 ransomware attack. RIPTA announced the data breach on December 23, 2021.The

Ransomware 51

Ransomware Fraud HIPAA Health Insurance 51

HIPAA Journal

JANUARY 11, 2023

Healthcare ransomware attacks have at least doubled in the past 5 years, data recovery from backups has decreased, and it is now common for data to be stolen and publicly released following a successful attack, according to a new analysis recently published in the JAMA Health Forum. million records in 2021. million records in 2021.

Ransomware 132

Ransomware HIPAA Hospitals 132

HIPAA Journal

FEBRUARY 6, 2023

The French Computer Emergency Response Team (CERT-FR) has warned about an ongoing ransomware campaign targeting VMware ESXi hypervisors that have not been patched against the critical heap-overflow vulnerability tracked as CVE-2021-21974. That could indicate CVE-2021-21974 is not the only vulnerability being exploited.

Ransomware 144

Ransomware HIPAA 144

HIPAA Journal

JULY 29, 2022

million global sensors in 215 countries and shows a global fall in ransomware attacks, with notable increases in malware attacks for the first time in 3 years. Ransomware. SonicWall reports a 23% fall in ransomware attacks globally in H1 2022, which fell to 236.1 The data for the report was collected from more than 1.1

Ransomware 145

Ransomware Governance HIPAA 145

HIPAA Journal

FEBRUARY 14, 2022

A joint security advisory has been issued by cybersecurity agencies in the United States, United Kingdom, and Australia, warning about the increased globalized threat of ransomware attacks and the elevated risk of targeted attacks on critical infrastructure entities. 2021 Ransomware Attack Trends. 2021 Ransomware Attack Trends.

Ransomware 137

Ransomware Governance HIPAA Public Health 137

HIPAA Journal

APRIL 21, 2022

The Federal Bureau of Investigation (FBI) has issued a TLP: WHITE flash alert about the BlackCat ransomware-a-s-a-service (RaaS) operation. Unusually for ransomware, it is written in RUST, which is considered to be a more secure programming language that ensures better performance and concurrent processing.

Ransomware 143

Ransomware HIPAA 143

HIPAA Journal

DECEMBER 5, 2022

The Cuba ransomware group has increased attacks in the United States, with attacks doubling since December 2021, and ransom payments are also on the rise. According to CISA and the FBI, there are similarities between the infrastructure used by the Cuba ransomware operation and the RomCom RAT and Industrial Spy ransomware actors.

Ransomware 130

Ransomware Public Health HIPAA Governance 130

HIPAA Journal

AUGUST 16, 2022

In August 2021, the Vice Society ransomware operation published data on its data leak site that had allegedly been obtained in a ransomware attack on United Health Centers of San Joaquin Valley. On August 31, 2021, Bleeping Computer was made aware of the data leak and made multiple attempts to notify United Health Centers.

Ransomware 103

Ransomware HIPAA Licensing Governance 103

HIPAA Journal

APRIL 20, 2022

The HHS’ Office of Information Security Health Sector Cybersecurity Coordination Center (HC3) has issued a TLP: White alert about the Hive ransomware group – A particularly aggressive cybercriminal operation that has extensively targeted the healthcare sector in the United States.

Ransomware 138

Ransomware HIPAA 138

HIPAA Journal

JULY 7, 2022

A joint security alert has been issued to the healthcare and public health sector by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury warning about the threat of Maui ransomware attacks.

Ransomware 145

Ransomware Public Health Electronic Medical Records HIPAA 145

Healthcare IT Today

JULY 14, 2021

Ransomware attacks continue to plague the healthcare industry. In all, cyberattacks on healthcare more than doubled last year, with ransomware making up 28% of those attacks. According to Verizon’s 2021 Data […]. The following is a guest article by Tim Sadler, CEO of Tessian.

Ransomware 142

Ransomware HIPAA 142

HIPAA Journal

FEBRUARY 16, 2022

2021 has been a tough year for the healthcare industry with huge numbers of data breaches occurring and vast numbers of healthcare records exposed as hackers stepped up their attacks on healthcare providers and ransomware actors ran riot. Lessons and Examples from 2021’s HIPAA Breaches and Fines. ET | 11.00

HIPAA 95

HIPAA Ransomware Compliance 95

HIPAA Journal

DECEMBER 13, 2022

The Health Sector Cybersecurity Coordination Center (HC3) has released analyses of two ransomware variants that are being used in attacks on the healthcare sector: LockBit 3.0 LockBit ransomware was first detected in September 2019 when it was known as ABCD ransomware. and has code similar to DarkSide and BlackMatter ransomware.

Ransomware 138

Ransomware HIPAA 138

HIPAA Journal

DECEMBER 30, 2022

A settlement has been proposed by Scripps Health to resolve a consolidated class action lawsuit – In Re: Scripps Health Data Incident Litigation – to resolve all claims related to its 2021 ransomware attack. The ransomware attack has proven to be incredibly costly for Scripps Health. The post Scripps Health Proposes $3.5M

Ransomware 127

Ransomware HIPAA Licensing Doctors 127

HIPAA Journal

MARCH 30, 2022

have confirmed they were recent victims of cyberattacks, both of which involved the use of ransomware. Ransomware Attack Affects 85,282 Law Enforcement Health Benefits Members. LEHB) has recently announced that it was the victim of a ransomware attack that was detected on September 14, 2021.

Ransomware 142

Ransomware Electronic Medical Records HIPAA Licensing 142

HIPAA Journal

MAY 25, 2022

Bryan County Ambulance Authority Ransomware Attack Affects 14,000 Patients. According to the notification letters, the attack was detected on November 24, 2021, when files on its systems were encrypted. Lifespan Services Suffers Ransomware Attack.

Ransomware 137

Ransomware Fraud HIPAA Licensing 137

HIPAA Journal

AUGUST 15, 2022

Multiple ransomware groups have adopted the BazarCall callback phishing technique to gain initial access to victims’ networks, including threat actors that have targeted the healthcare sector. BazarCall was first utilized by the Ryuk ransomware operation in 2020/2021.

Ransomware 145

Ransomware HIPAA 145

Compliancy Group

JANUARY 24, 2025

A clear understanding of health information breaches is necessary to comply with regulations like the Health Insurance Portability and Accountability Act (HIPAA). There was also a 278% jump in ransomware attacks in the same period. In 2021 and 2022, 45.9 Its not just the number of healthcare data breaches that cause concern.

Compliance 94

Compliance Electronic Medical Records Ransomware HIPAA 94

HIPAA Journal

JANUARY 17, 2023

While it is difficult to obtain accurate data on the number of ransomware attacks being conducted on healthcare organizations, the available data suggest there has been a decline in attacks across all industry sectors compared to the high number of attacks reported in 2021.

Ransomware 116

Ransomware HIPAA 116

HIPAA Journal

MARCH 10, 2022

Bako Diagnostics (BakoDx), a Georgia-based provider of laboratory services to healthcare providers, has announced it was the victim of a cyberattack that was discovered on December 28, 2021. The Austin, TX-based cloud hosting and data storage company DataHEALTH has announced it was the victim of a ransomware attack on November 3, 2021.

Ransomware 140

Ransomware Licensing Health Insurance HIPAA 140

HIPAA Journal

APRIL 1, 2022

Partnership Health Plan of California Recovering from Suspected Ransomware Attack. PHC did not state in its notifications what caused the outage, but it appears to have been a ransomware attack by the Hive ransomware operation. Cancer and Hematology Centers of Western Michigan Suffers Ransomware Attack.

Ransomware 126

Ransomware HIPAA Health Insurance 126

HIPAA Journal

MARCH 18, 2022

There was a 45% increase in hacking/IT incidents between 2019 and 2020, and in 2021, 66% of breaches of unsecured electronic protected health information were due to hacking and other IT incidents. A large percentage of those breaches could have been prevented if HIPAA-regulated entities were fully compliant with the HIPAA Security Rule.

HIPAA 142

HIPAA Compliance Ransomware Healthcare information Technology 142

HIPAA Journal

FEBRUARY 16, 2022

Family Christian Health Center (FCHC) in Illinois has announced it was the victim of a ransomware attack in November 2021 that compromised the protected health information of 31,000 patients. Patient Data Potentially Compromised in Jackson County Hospital Ransomware Attack.

Ransomware 132

Ransomware Hospitals Licensing HIPAA 132

HIPAA Journal

FEBRUARY 24, 2022

Two HIPAA-regulated entities have recently started notifying individuals whose protected health information was potentially compromised in cyberattacks that occurred more than 12 months ago, including one where it took 18 months to notify affected individuals that their protected health information had been accessed and potentially acquired.

HIPAA 127

HIPAA Ransomware Health Insurance 127

HIPAA Journal

NOVEMBER 18, 2022

The Hive ransomware-as-a-service (RaaS) operation first emerged in June 2021 and has aggressively targeted the health and public health sector (HPH) and continues to do so. From June 2021 until November 2022, the group conducted attacks on more than 1,300 organizations worldwide, generating more than $100 million in ransom payments.

Ransomware 131

Ransomware Public Health HIPAA Hospitals 131

HIPAA Journal

APRIL 26, 2023

Ransomware actors continue to target the U.S. The most commonly detected malware were droppers, downloaders, remote access tools (RATs), and ransomware. Emotet is capable of self-propagation and lateral movement and is used to deliver malware and ransomware payloads.

Ransomware 122

Ransomware HIPAA Hospitals 122

HIPAA Journal

FEBRUARY 16, 2023

The October 2022 ransomware attack on CommonSpirit Health has cost the health system more than $150 million to date according to its recent quarterly filing, and the costs are continuing to increase as the investigation into the attack and data breach are ongoing. billion in 2021 to $8.30 billion this year.

Ransomware 119

Ransomware HIPAA 119

HIPAA Journal

OCTOBER 6, 2022

An affiliate of the infamous Netwalker ransomware gang has been sentenced to serve 20 years in jail for his role in ransomware attacks on entities in the United States. A law enforcement investigation into the ransomware attacks conducted by Vachon-Desjardins on U.S. years in jail for a separate drug trafficking case.

Ransomware 117

Ransomware Fraud COVID-19 HIPAA 117

Healthcare IT Today

DECEMBER 22, 2023

Department of Health and Human Services (HHS) said it will update the HIPAA Security Rule in 2024 and will ask Congress for new laws and resources to increase civil money penalties for HIPAA violations, increase HIPAA enforcement, and conduct proactive audits.

HIPAA 126

HIPAA Ransomware Compliance Hospitals 126

HIPAA Journal

MARCH 23, 2023

Ransomware gangs are increasingly skipping file encryption and are concentrating on data theft and extortion, according to a recent report from Palo Alto Networks’ Unit 42 team. In the second half of 2021 and throughout 2022, around 1 in 10 attacks by ransomware gangs did not involve file encryption, only data theft and extortion.

Ransomware 103

Ransomware HIPAA Hospitals 103

HIPAA Journal

MARCH 11, 2022

Protenus has released its 2022 Breach Barometer Report which confirms 2021 was a particularly bad year for healthcare industry data breaches, with more than 50 million healthcare records exposed or compromised in 2021. There were 111 insider incidents in 2021, similar to the 110 incidents in 2019, which is a 26% decrease from 2020.

HIPAA 114

HIPAA Ransomware Health Insurance 114

HIPAA Journal

JANUARY 26, 2023

An international law enforcement operation successfully shut down the Emotet botnet in April 2021 but it was eventually rebuilt and started to be used again at the end of 2021. Emotet commonly drops the IcedID banking Trojan, which in turn often delivers ransomware payloads.

Ransomware 122

Ransomware HIPAA 122

HIPAA Journal

FEBRUARY 10, 2023

Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Department of Health and Human Services (HHS), and the Republic of Korea’s Defense Security Agency and National Intelligence Service warning of state-sponsored North Korean (DPRK) ransomware attacks on U.S.

Ransomware 111

Ransomware US Department of Health and Human Services HIPAA Hospitals 111

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The initial notice to the Maine attorney general was submitted on October 8, 2021.

Ransomware 117

Ransomware Health Insurance HIPAA Licensing 117

HIPAA Journal

OCTOBER 12, 2022

Ransomware attacks continue to plague the healthcare industry. Recently, cybersecurity firm Trend Micro conducted a study to investigate the impact ransomware attacks are having on healthcare organizations. Trend Micro reports that 25% of all data breaches now involve ransomware.

Ransomware 128

Ransomware HIPAA Compliance 128