HIPAA Journal

AUGUST 15, 2022

Multiple ransomware groups have adopted the BazarCall callback phishing technique to gain initial access to victims’ networks, including threat actors that have targeted the healthcare sector. That action could be to visit a malicious website or download a malicious file.

Ransomware 144

Ransomware HIPAA 144

HIPAA Journal

APRIL 26, 2023

Ransomware actors continue to target the U.S. The most commonly detected malware were droppers, downloaders, remote access tools (RATs), and ransomware. Emotet is capable of self-propagation and lateral movement and is used to deliver malware and ransomware payloads.

Ransomware 119

Ransomware HIPAA Hospitals 119

HIPAA Journal

MARCH 18, 2022

A large percentage of those breaches could have been prevented if HIPAA-regulated entities were fully compliant with the HIPAA Security Rule. Coveware’s Q2, 2021 Quarterly Ransomware Report suggests 42% of ransomware attacks in the quarter saw initial network access gained via phishing emails. Prevention of Phishing.

HIPAA 142

HIPAA Compliance Ransomware Healthcare information Technology 142

HIPAA Journal

FEBRUARY 27, 2023

The healthcare and public health (HPH) sector has been warned about cyberattacks involving MedusaLocker ransomware – one of the lesser-known ransomware variants used in cyberattacks on the sector. The ransomware variant was first detected in September 2019 and the group is thought to primarily target the HPH sector.

Ransomware 115

Ransomware Public Health HIPAA 115

HIPAA Journal

NOVEMBER 10, 2022

The Health Sector Cybersecurity Coordination Center (HC3) has recently shared details of the tactics, techniques, and procedures associated with Venus ransomware attacks, and has made several recommendations on mitigations that healthcare organizations can implement to improve their defenses against attacks.

Ransomware 115

Ransomware HIPAA 115

HIPAA Journal

MARCH 16, 2023

The Health Sector Cybersecurity Coordination Center (HC3) has shared threat intelligence information about the Black Basta ransomware group to help network defenders prevent and rapidly detect attacks in progress. The Black Basta group was first identified in April 2022 and is known to conduct ransomware and extortion attacks.

Ransomware 114

Ransomware HIPAA Governance 114

HIPAA Journal

MARCH 9, 2023

A joint cybersecurity advisory has been published by CISA and the FBI, sharing details of the tactics, techniques, and procedures (TTPs) used by the Royal ransomware gang and Indicators of Compromise (IoCs) to help network defenders better protect against attacks. Full IoCs and TTPs are detailed in the cybersecurity alert.

Ransomware 102

Ransomware Public Health HIPAA 102

HIPAA Journal

MAY 18, 2023

A joint cybersecurity alert has been issued by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) about the BianLian ransomware and data extortion group.

Ransomware 111

Ransomware Public Health HIPAA 111

HIPAA Journal

MARCH 10, 2022

The Austin, TX-based cloud hosting and data storage company DataHEALTH has announced it was the victim of a ransomware attack on November 3, 2021. The malware was detected on or around August 9, 2021, with the investigation confirming the malware was downloaded onto its systems on July 27, 2021. DataHealth. Dr. Douglas C.

Ransomware 139

Ransomware Licensing Health Insurance HIPAA 139

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. This coincides with the 60-day reporting deadline of the HIPAA Breach Notification Rule.

Ransomware 105

Ransomware HIPAA Fraud Licensing 105

HIPAA Journal

NOVEMBER 9, 2023

The Cyber Division of the Federal Bureau of Investigation (FBI) has issued a private industry notification that includes details of emerging techniques that are being used by ransomware gangs to gain initial access to victims’ networks. This type of attack is known as callback phishing and has been popular with ransomware gangs since 2022.

Ransomware 99

Ransomware HIPAA 99

Compliancy Group

JUNE 29, 2022

Download the free cybersecurity eBook to get tips on protecting your patient information. Eye Care’s myCare Integrity solution was hacked via a ransomware attack on December 4, 2021. . Let’s Simplify Compliance Cybersecurity and HIPAA go hand-in-hand. × HIPAA Compliance Simplified. Is your organization secure?

Ransomware 98

Ransomware Electronic Medical Records HIPAA Health Insurance 98

Compliancy Group

JANUARY 31, 2025

Change Healthcare Ransomware is the name of the game. Change Healthcare was the victim of a ransomware attack in February 2024 in which the BlackCat/ALPHV ransomware group exfiltrated 190 million patient records. Ascension Health In another large-scale ransomware attack, Ascension Health was targeted by a Black Basta attack.

Ransomware 52

Ransomware HIPAA Medicare Medicare 52

HIPAA Journal

JANUARY 16, 2023

The Health Sector Cybersecurity Coordination Center (HC3) has shared threat intelligence on two sophisticated and aggressive ransomware operations – Blackcat and Royal – which pose a significant threat to the healthcare and public health (HPH) sector. Royal is now the most active ransomware operation, having surpassed Lockbit.

Ransomware 82

Ransomware Public Health HIPAA Hospitals 82

Healthcare IT News - Telehealth

MAY 17, 2022

HIPAA security policies require health systems to conduct a thorough risk analysis on a regular basis. In many cases the devices and wearables used by patients do not transmit data directly to the care-delivery organization, which helps to mitigate against the risk of malware, ransomware or other malicious software. Twitter: @kjercich.

Ransomware 170

Ransomware HIPAA Hospitals 170

HIPAA Journal

AUGUST 12, 2022

The emails have an Evernote-themed lure to trick recipients into downloading a Trojan file that generates a login prompt to steal credentials. The link included in the email directs the user to the Evernote site, where they are prompted to download an HTML file – called message (3).html. Evernote Phishing Campaign. Source: HC3.

Ransomware 112

Ransomware HIPAA 112

HIPAA Journal

JUNE 14, 2023

The group is financially motivated and often engages in data theft for extortion, with or without ransomware. FIN11 often deploys CLOP ransomware in its attacks, although it is unclear exactly how many CLOP ransomware attacks FIN11 has conducted. FIN11 also targeted HPH sector organizations during the COVID-19 pandemic.

Ransomware 102

Ransomware COVID-19 Public Health HIPAA 102

HIPAA Journal

MAY 9, 2023

In January 2023 , NextGen was added to the data leak site of the BlackCat ransomware group, although the listing was later taken down. The incident was investigated and a spokesman for NextGen said no patient data had been exposed or downloaded, and consequently this was not a reportable data breach.

Ransomware 120

Ransomware HIPAA Doctors 120

HIPAA Journal

JANUARY 31, 2024

Report: Security Breaches in Healthcare (Direct Download PDF, 1.9MB, 16 pages) An unwanted record was set in 2023 with 725 large security breaches in healthcare reported to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), beating the record of 720 healthcare security breaches set the previous year.

Ransomware 126

Ransomware HIPAA Hospitals Compliance 126

HIPAA Journal

JULY 3, 2024

has confirmed that patient data has been compromised in a cyberattack, and the Monti ransomware group has claimed responsibility for a cyberattack on Wayne Memorial Hospital. The hospital has been added to the Monti group’s data leak site, but no data is currently listed for download.

Ransomware 124

Ransomware Health Insurance Hospitals HIPAA 124

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. The breach was reported to the HHS’ Office for Civil Rights using a placeholder of 501 and that figure has yet to be updated on the OCR breach portal; however, the threat actor behind the attack – the Lorenz ransomware group – has dumped a sample of the files online.

Ransomware 79

Ransomware Health Insurance Fraud HIPAA 79

Healthcare IT Today

APRIL 9, 2025

Patients, too, play a rolereusing passwords, downloading unsecured apps, sharing information with third parties hands attackers the keys. A single ransomware attack, data breach, or insider exploit can devalue an entire company overnight. In those cases, deals can fall through or regulatory fines can accumulate. Reputations can tank.

Due Diligence 64

Due Diligence Hospitals Compliance Ransomware 64

HIPAA Journal

MARCH 27, 2023

Devices can be lost or stolen, they may connect to unsecured Wi-Fi networks, and software and applications may have vulnerabilities that can be exploited, resulting in unauthorized network access or the downloading of malware or ransomware. You can access/download the HC3 mobile device security checklist here (PDF).

Ransomware 106

Ransomware HIPAA Hospitals 106

HIPAA Journal

APRIL 10, 2025

The malware is used to exploit the flaw to elevate privileges to facilitate the widespread deployment of ransomware on victims’ systems. Microsoft has observed the threat actor using the certutil utility to download a file with an encrypted PipeMagic payload. Customers in other sectors may also be targeted.

Ransomware 50

Ransomware HIPAA 50

HIPAA Journal

DECEMBER 1, 2022

An unauthorized individual was found to have gained access to its network and downloaded files containing the protected health information of 45,785 patients. Health Plan Member Data Potentially Compromised in Innovative Service Technology Management Services Ransomware Attack.

Health Insurance 112

Health Insurance Ransomware HIPAA Governance 112

HIPAA Journal

JANUARY 30, 2023

The National HIPAA Summit is the leading forum on healthcare EDI, privacy, breach notification, confidentiality, data security, and HIPAA compliance, and the deadline for registration for the Virtual 40th National HIPAA Summit is fast approaching.

US Department of Health and Human Services 81

US Department of Health and Human Services HIPAA Compliance Medicaid 81

HIPAA Journal

APRIL 24, 2024

While state-sponsored threat actors continue to target zero-day flaws, especially China-nexus threat actors, ransomware and data extortion groups are increasingly acquiring and utilizing 0days, helped by the rise of commercially available turnkey exploit kits.

Ransomware 111

Ransomware HIPAA Hospitals 111

HIPAA Journal

AUGUST 4, 2023

Ransomware and information stealing malware were highly prevalent. Amadey has information stealing capabilities and is often used to perform reconnaissance before downloading additional malicious payloads. The post Healthcare and Financial Services Remain Top Targets for Cyber Threat Actors appeared first on HIPAA Journal.

Ransomware 98

Ransomware Governance HIPAA 98

HIPAA Journal

MARCH 30, 2023

Ransomware and phishing continue to be the biggest cybersecurity concerns for healthcare organizations according to the February 2023 Current and Emerging Healthcare Cyber Threat Landscape report from Health-ISAC. Ransomware was the biggest concern for 2022 and 2023 with phishing and spear phishing in second.

Ransomware 109

Ransomware Fraud Governance Medical Billing 109

HIPAA Journal

MARCH 3, 2023

Phishing is one of the most commonly used initial access vectors in cyberattacks, commonly leading to costly account compromises, data breaches, and ransomware attacks. One-third of working adults were unable to define malware, phishing, and ransomware, and there has been little change in understanding since 2021.

Ransomware 141

Ransomware HIPAA 141

HIPAA Journal

MARCH 12, 2025

A new report from the cyber insurance and security services provider Coalition has revealed the most common initial access vectors in ransomware attacks. Compromised credentials for a Citrix panel without multifactor authentication enabled a BlackCat ransomware to breach Change Healthcare’s network in February 2024.

Ransomware 58

Ransomware HIPAA 58

HIPAA Journal

NOVEMBER 8, 2023

Mulkay Cardiology Consultants at Holy Name Medical Center has recently confirmed that it fell victim to a ransomware attack. Ransomware Gangs Claim Responsibility for Attacks on Healthcare Providers The following healthcare providers have recently been added to the data leak sites of ransomware groups. Summit Health (LockBit 3.0)

Ransomware 112

Ransomware Licensing Health Insurance HIPAA 112

HIPAA Journal

JULY 7, 2023

TrueBot is a downloader/botnet malware that establishes a connection with its command-and-control server, collects information on compromised systems, and is used for launching more extensive attacks on compromised networks. FIN11 has been using TrueBot malware to deploy Clop ransomware on victims’ networks.

Ransomware 106

Ransomware HIPAA 106

Healthcare IT Today

MARCH 23, 2023

While there are many tools and best practices to protect against ransomware, such as ensuring backups are segregated from production, proper incident response, file integrity monitoring, etc., From there, the hackers were able to infect the entire network with ransomware. How did it start?

Ransomware 141

Ransomware Hospitals Health Insurance HIPAA 141

HIPAA Journal

JUNE 8, 2022

Emotet has been used to deliver a range of malware variants including IcedID, Trickbot, Qbot, Azorult, and ransomware payloads such as Ryuk and BitPaymer. Emotet malware is primarily delivered via email, most commonly via malicious Office attachments or hyperlinks to compromised websites where the payload is downloaded.

Ransomware 127

Ransomware HIPAA Governance 127

HIPAA Journal

OCTOBER 10, 2022

Threat actors leverage software tools that have already been installed to avoid having to download files via the Internet, malicious activities can be hidden within the logs along site legitimate use of these tools, and these tools are used to conduct malicious activities in the memory to evade security solutions.

Ransomware 109

Ransomware Public Health HIPAA 109

HIPAA Journal

MARCH 8, 2023

Ransomware gangs in particular have seen profits take a nosedive, with ransom payments decreasing by 38% year-over-year as victims refuse to pay up, even when there is the threat of publication of stolen data. In 2022, ransomware attacks were still common, with LockBit and BlackCat the top ransomware families.

Ransomware 102

Ransomware Fraud HIPAA 102