HIPAA Journal

MAY 25, 2022

SAC Health said it is unaware of any actual or attempted misuse of patient data as a result of the break-in; however, as a precaution against identity theft and fraud, affected individuals have been offered complimentary credit monitoring services. Bryan County Ambulance Authority Ransomware Attack Affects 14,000 Patients.

Ransomware 136

Ransomware Fraud HIPAA Licensing 136

HIPAA Journal

OCTOBER 6, 2022

An affiliate of the infamous Netwalker ransomware gang has been sentenced to serve 20 years in jail for his role in ransomware attacks on entities in the United States. A law enforcement investigation into the ransomware attacks conducted by Vachon-Desjardins on U.S. years in jail for a separate drug trafficking case.

Ransomware 114

Ransomware Fraud COVID-19 HIPAA 114

HIPAA Journal

JUNE 16, 2023

A Russian national has been arrested in Arizona and charged in connection to LockBit ransomware and other cyberattacks conducted on targets in the United States, Europe, Asia, and Africa since 2020. LockBit is currently the most widely used ransomware variant and has been used to extort around $91 million from U.S.

Ransomware 102

Ransomware Fraud HIPAA 102

HIPAA Journal

NOVEMBER 23, 2022

The Rochester Hills, MI-based prosthetics, orthotics, and accessibility solution provider, Wright & Filippis, has recently announced that it was the victim of a ransomware attack on its network. The post 877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider appeared first on HIPAA Journal.

Ransomware 119

Ransomware Fraud Licensing HIPAA 119

HIPAA Journal

FEBRUARY 22, 2023

A lawsuit has been filed against Freehold Township, NJ-based CentraState Healthcare System over its December 2022 ransomware attack, a few days after the health system started sending notification letters to around 617,000 affected patients.

Ransomware 113

Ransomware Fraud Health Insurance HIPAA 113

Healthcare IT Today

JUNE 2, 2023

Today’s threat landscape requires them to plan for ransomware and malware attacks, protect against traditional vulnerabilities in legacy equipment, and mitigate the risk of internal threats. With those competing priorities, fraud prevention does not always make its way to the top of the list of considerations, even when it should.

Fraud 107

Fraud Ransomware Licensing Governance 107

HIPAA Journal

MARCH 13, 2023

The Royal ransomware group claimed responsibility for the attack and issued a ransom demand to prevent the publication of the 16GB of data allegedly stolen in the attack. The post Revenetics Facing Class Action Lawsuit Over Royal Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware 122

Ransomware Fraud HIPAA 122

HIPAA Journal

DECEMBER 8, 2022

The New York ambulance service, Empress EMS, is facing multiple class action lawsuits over a ransomware attack that was detected on July 14, 2022. The Hive ransomware group was behind the attack, and as per the group’s modus operandi , after gaining access to the network, sensitive files were stolen, then files were encrypted.

Ransomware 114

Ransomware HIPAA Fraud 114

HIPAA Journal

NOVEMBER 7, 2024

The use of ransomware in cyberattacks decreased slightly in the first half of the year; however, the severity of ransomware attacks increased according to the 2024 Cyber Claims Report: Mid-Year Update from cyber insurance and security service provider Coalition. million and $2.5

Ransomware 94

Ransomware Fraud HIPAA 94

HIPAA Journal

JANUARY 6, 2023

The Chicago, IL-based health system, CommonSpirit Health, is facing a class action lawsuit over its October 2022 ransomware attack. Malicious actors gained access to its IT systems on September 16, 2022, and deployed ransomware on October 2, 2022.

Ransomware 102

Ransomware Fraud Electronic Medical Records Hospitals 102

HIPAA Journal

JULY 14, 2023

While this is certainly good news, ransomware-related cryptocurrency payments increased significantly in H1 2023, and if the trend continues in the second half of the year, ransomware revenues could eclipse those of 2022. million in payments were made following ransomware attacks. billion in the first half of 2022.

Ransomware 98

Ransomware Fraud HIPAA 98

HIT Consultant

NOVEMBER 4, 2024

Healthcare organizations must have systems to protect sensitive information from identity theft and fraud, insider threats from employees or contractors with malicious intent, and the manipulation, deletion, corruption, or exposure of electronic health records.

Ransomware 98

Ransomware Regulatory Compliance Compliance Fraud 98

HIPAA Journal

JUNE 13, 2023

million individuals in an April 2023 ransomware attack. The attack was detected when ransomware was used to encrypt and prevent access to files. The lawsuit alleges the plaintiff and class members have been placed at imminent risk of harm and face an ongoing risk of identity theft and fraud. million customers.

Ransomware 102

Ransomware Fraud Health Insurance HIPAA 102

HIPAA Journal

SEPTEMBER 1, 2023

The San Francisco, CA-based law firm, Orrick, Herrington & Sutcliffe LLP, is facing a class action lawsuit over a ransomware attack and data breach that was detected on March 13, 2023. The post Orrick, Herrington & Sutcliffe Sued Over Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware 99

Ransomware Fraud HIPAA 99

HIPAA Journal

JUNE 21, 2023

Onix Group, a Pennsylvania-based real estate development firm and provider of business management and consulting services, is being sued for failing to prevent a ransomware attack in which the hackers stole the protected health information of 320,000 individuals. The ransomware attack was detected by Onix Group on March 27.

Ransomware 105

Ransomware Fraud HIPAA 105

Becker's Health IT

SEPTEMBER 6, 2022

Ransomware attacks targeting the healthcare industry have increased by 94 percent in the last year as patient data is used by hackers to commit fraud and identity theft, VentureBeat reported Sept.

Ransomware 80

Ransomware Fraud 80

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. Both healthcare organizations were recently added to the data leak site of the BlackCat ransomware group.

Ransomware 105

Ransomware HIPAA Fraud Licensing 105

Healthcare IT Today

DECEMBER 26, 2024

Recent incidents involving fake video calls and voice cloning demonstrate the technology’s potential for sophisticated fraud. The Change Healthcare ransomware attack, which stemmed from a lack of MFA, highlighted the urgent need for stronger identity protections.

US Department of Health and Human Services 90

US Department of Health and Human Services Ransomware Compliance Hospitals 90

HIPAA Journal

AUGUST 31, 2022

The group operates out of Russia and has been operational since at least 2009 and is responsible for the infamous Dridex banking Trojan and several other ransomware and malware variants, including BitPaymer, Hades, Phoenixlocker, WastedLocker, SocGholish, GameOver Zeus, and JabberZeus.

Ransomware 141

Ransomware Fraud Governance Public Health 141

HIPAA Journal

MAY 25, 2023

In April 2023, Point32Health, the second-largest health insurer in Massachusetts and the parent company of Tufts Health Plan and Harvard Pilgrim Health Care, announced it suffered a ransomware attack that resulted in system outages, including the systems that serviced members, accounts, brokers, and providers.

Ransomware 102

Ransomware Health Insurance Fraud HIPAA 102

HIPAA Journal

MARCH 7, 2023

DoppelPaymer ransomware first appeared in 2019. Since then, the ransomware has been used in dozens of attacks on critical infrastructure organizations and industries, and private companies. The ransomware is based on BitPaymer ransomware, which is part of the Dridex malware family.

Ransomware 79

Ransomware Fraud HIPAA Hospitals 79

Healthcare IT Today

MARCH 19, 2025

Recent incidents, such as the massive theft of NHS records in 2024 and a surge in ransomware attacks on healthcare providers, emphasize the urgent need for stronger security frameworks. These events expose the limitations of traditional systems in combating emerging threats like AI-generated fraud and identity manipulation.

Fraud 60

Fraud Ransomware HIPAA Compliance 60

HIPAA Journal

APRIL 11, 2025

The nature of the hacking incident was not disclosed, including when its systems were first breached, if ransomware was used, and if there was an extortion attempt. The affected individuals should be vigilant against identity theft and other fraud by monitoring their accounts and Explanation of Benefits statements carefully.

Ransomware 78

Ransomware Fraud HIPAA Licensing 78

HIT Consultant

DECEMBER 18, 2024

Data breaches, ransomware attacks, and system vulnerabilities have emerged as major disruptors, threatening sensitive patient information and the very foundation of patient care. Identity theft, fraud, and long-term financial harm are just a few examples of the personal fallout patients may face following a data breach.

Ransomware 105

Ransomware Fraud Doctors HIPAA 105

HIPAA Journal

APRIL 16, 2025

On December 22, 2023, Retina Group of Washington, a healthcare provider with eye care clinics in Maryland and Virginia, issued notifications about a ransomware attack on March 26, 2023. Claims may also be submitted to recover extraordinary losses, such as losses due to identity theft and fraud, up to a maximum of $5,000 per class member.

Ransomware 55

Ransomware Fraud Licensing HIPAA 55

HIPAA Journal

FEBRUARY 21, 2022

EHRs usually contain all the information required for multiple types of fraud, including names, addresses, dates of birth, Social Security numbers, other government and state ID numbers, health data, and health insurance information. Malware, and especially ransomware, pose a significant threat to EHRs.

Ransomware 134

Ransomware Fraud HIPAA Health Insurance 134

HIT Consultant

JULY 29, 2024

Image by DC Studio on Freepik What You Should Know: – The Baim Institute for Clinical Research , a leading non-profit academic research organization, has fallen victim to a significant ransomware attack, according to Safety Detective’s cybersecurity team. Consider placing a fraud alert on their credit report.

Fraud 98

Fraud Ransomware HIPAA 98

HIPAA Journal

JANUARY 31, 2023

San Andreas Regional Center – was filed in the Superior Court of California in response to the breach alleging the healthcare provider was negligent for failing to implement reasonable cybersecurity measures to protect against ransomware attacks, despite being aware of the high risk of attacks on the healthcare sector.

Ransomware 59

Ransomware Fraud Health Insurance HIPAA 59

HIT Consultant

JANUARY 12, 2025

Recent breaches in 2024, such as the theft of 300 million NHS records and high-profile ransomware attacks targeting healthcare organizations, underscore the growing demand for this data. AI-generated identity fraud, including deepfakes, and other sophisticated tactics are making traditional security systems obsolete.

Fraud 64

Fraud Regulatory Compliance Ransomware Compliance 64

HIPAA Journal

MARCH 11, 2025

The Rhysida ransomware group has claimed responsibility for the attack and has added Sunflower Medical Group to its data leak site. While the risks associated with the incident are believed to be low, all affected individuals have been advised to be vigilant against phishing attempts and other fraud.

Department of Veterans Affairs 81

Department of Veterans Affairs Licensing Ransomware Fraud 81

HIPAA Journal

MARCH 30, 2023

Ransomware and phishing continue to be the biggest cybersecurity concerns for healthcare organizations according to the February 2023 Current and Emerging Healthcare Cyber Threat Landscape report from Health-ISAC. Ransomware was the biggest concern for 2022 and 2023 with phishing and spear phishing in second.

Ransomware 109

Ransomware Fraud Governance Medical Billing 109

HIPAA Journal

MARCH 3, 2023

The attack was conducted by the Sodinokibi ransomware group, which published some of the stolen data on its data leak site. Claims will also be accepted up to a maximum of $3,500 per claimant to cover documented, extraordinary losses that have not already been reimbursed, such as losses to fraud and identity theft.

Ransomware 101

Ransomware Fraud HIPAA 101

HIPAA Journal

AUGUST 30, 2022

While the nature of the attack was not disclosed, a ransomware group claimed credit for the attack and uploaded some of the stolen data to its data leak site. The post Avamere Holdings Facing Class Action Lawsuit Over 2022 Cyberattack appeared first on HIPAA Journal.

Nursing Homes 122

Nursing Homes Fraud Ransomware HIPAA 122

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. The breach was reported to the HHS’ Office for Civil Rights using a placeholder of 501 and that figure has yet to be updated on the OCR breach portal; however, the threat actor behind the attack – the Lorenz ransomware group – has dumped a sample of the files online.

Ransomware 79

Ransomware Health Insurance Fraud HIPAA 79

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. A lawsuit – Lutz, et al.

Ransomware 105

Ransomware Fraud Licensing Health Insurance 105

HIPAA Journal

JUNE 5, 2023

Multiple class action lawsuits have been filed against the city of Oakland in California over a ransomware attack and data breach that involved the theft of the personal and protected health information of 13,000 current and former employees. The ransomware attack is understood to have started with phishing emails.

Ransomware 55

Ransomware Fraud HIPAA 55

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware 62

Ransomware Fraud HIPAA Licensing 62