HIPAA Journal

FEBRUARY 22, 2023

A lawsuit has been filed against Freehold Township, NJ-based CentraState Healthcare System over its December 2022 ransomware attack, a few days after the health system started sending notification letters to around 617,000 affected patients.

Ransomware 107

Ransomware Fraud Health Insurance HIPAA 107

HIPAA Journal

DECEMBER 8, 2022

The New York ambulance service, Empress EMS, is facing multiple class action lawsuits over a ransomware attack that was detected on July 14, 2022. The Hive ransomware group was behind the attack, and as per the group’s modus operandi , after gaining access to the network, sensitive files were stolen, then files were encrypted.

Ransomware 110

Ransomware HIPAA Fraud 110

Compliancy Group

DECEMBER 9, 2024

Jefferson Dental Cente r, a South Bend, Indiana dental practice operated by Dr. Lorraine Celis, experienced a ransomware attack on November 15, 2024. Details of the ransomware attack that exposed PHI, and that may have resulted in unauthorized parties obtaining protected health information, are provided below.

Ransomware 69

Ransomware Licensing HIPAA Compliance 69

HIPAA Journal

NOVEMBER 7, 2024

The use of ransomware in cyberattacks decreased slightly in the first half of the year; however, the severity of ransomware attacks increased according to the 2024 Cyber Claims Report: Mid-Year Update from cyber insurance and security service provider Coalition. million and $2.5

Ransomware 89

Ransomware Fraud HIPAA 89

Healthcare IT Today

NOVEMBER 22, 2024

According to a report from the Office of the Director of National Intelligence, ransomware attacks on healthcare organizations doubled between 2022 and 2023 , making the healthcare sector one of the fastest-growing targets for cybercriminals. Then malicious actors can either subscribe to use the ransomware or purchase access outright.

Ransomware 72

Ransomware Hospitals COVID-19 Compliance 72

HIPAA Journal

JUNE 13, 2023

million individuals in an April 2023 ransomware attack. The attack was detected when ransomware was used to encrypt and prevent access to files. The lawsuit alleges the plaintiff and class members have been placed at imminent risk of harm and face an ongoing risk of identity theft and fraud. million customers.

Ransomware 102

Ransomware Fraud Health Insurance HIPAA 102

HIPAA Journal

JANUARY 6, 2023

The Chicago, IL-based health system, CommonSpirit Health, is facing a class action lawsuit over its October 2022 ransomware attack. Malicious actors gained access to its IT systems on September 16, 2022, and deployed ransomware on October 2, 2022.

Ransomware 94

Ransomware Fraud Electronic Medical Records Hospitals 94

Becker's Health IT

SEPTEMBER 6, 2022

Ransomware attacks targeting the healthcare industry have increased by 94 percent in the last year as patient data is used by hackers to commit fraud and identity theft, VentureBeat reported Sept.

Ransomware 80

Ransomware Fraud 80

HIPAA Journal

MARCH 7, 2023

DoppelPaymer ransomware first appeared in 2019. Since then, the ransomware has been used in dozens of attacks on critical infrastructure organizations and industries, and private companies. The ransomware is based on BitPaymer ransomware, which is part of the Dridex malware family.

Ransomware 84

Ransomware Fraud HIPAA Hospitals 84

HIPAA Journal

JULY 14, 2023

While this is certainly good news, ransomware-related cryptocurrency payments increased significantly in H1 2023, and if the trend continues in the second half of the year, ransomware revenues could eclipse those of 2022. million in payments were made following ransomware attacks. billion in the first half of 2022.

Ransomware 88

Ransomware Fraud HIPAA 88

HIPAA Journal

JUNE 21, 2023

Onix Group, a Pennsylvania-based real estate development firm and provider of business management and consulting services, is being sued for failing to prevent a ransomware attack in which the hackers stole the protected health information of 320,000 individuals. The ransomware attack was detected by Onix Group on March 27.

Ransomware 102

Ransomware Fraud HIPAA 102

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. Both healthcare organizations were recently added to the data leak site of the BlackCat ransomware group.

Ransomware 99

Ransomware HIPAA Fraud Licensing 99

HIPAA Journal

SEPTEMBER 1, 2023

The San Francisco, CA-based law firm, Orrick, Herrington & Sutcliffe LLP, is facing a class action lawsuit over a ransomware attack and data breach that was detected on March 13, 2023. The post Orrick, Herrington & Sutcliffe Sued Over Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware 87

Ransomware Fraud HIPAA 87

HIPAA Journal

AUGUST 31, 2022

The group operates out of Russia and has been operational since at least 2009 and is responsible for the infamous Dridex banking Trojan and several other ransomware and malware variants, including BitPaymer, Hades, Phoenixlocker, WastedLocker, SocGholish, GameOver Zeus, and JabberZeus.

Ransomware 126

Ransomware Fraud Governance Public Health 126

HIPAA Journal

MAY 25, 2023

In April 2023, Point32Health, the second-largest health insurer in Massachusetts and the parent company of Tufts Health Plan and Harvard Pilgrim Health Care, announced it suffered a ransomware attack that resulted in system outages, including the systems that serviced members, accounts, brokers, and providers.

Ransomware 91

Ransomware Health Insurance Fraud HIPAA 91

Healthcare IT News - Telehealth

OCTOBER 28, 2020

"Mass adoption of this technology will lead to new cybercrime focus, with an emphasis on stealing patient data to enable fraud, target health data in ransomware attacks, trick patients in social engineering schemes, and target remote patient monitoring devices," wrote the report authors.

Ransomware 160

Ransomware Fraud Telemedicine COVID-19 160

HIPAA Journal

FEBRUARY 21, 2022

EHRs usually contain all the information required for multiple types of fraud, including names, addresses, dates of birth, Social Security numbers, other government and state ID numbers, health data, and health insurance information. Malware, and especially ransomware, pose a significant threat to EHRs.

Ransomware 133

Ransomware Fraud HIPAA Health Insurance 133

HIPAA Journal

JANUARY 31, 2023

San Andreas Regional Center – was filed in the Superior Court of California in response to the breach alleging the healthcare provider was negligent for failing to implement reasonable cybersecurity measures to protect against ransomware attacks, despite being aware of the high risk of attacks on the healthcare sector.

Ransomware 63

Ransomware Fraud Health Insurance HIPAA 63

Compliancy Group

DECEMBER 20, 2024

The settlement is the third ransomware settlement entered into by OCR. On October 31, 2017, OCR initiated a compliance review of HVHS after the media reported that HVHS had experienced a ransomware attack. OCR imposed the ransomware civil monetary penalty for potential HIPAA Security Rule violations.

Ransomware 52

Ransomware HIPAA Fraud Electronic Medical Records 52

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. The breach was reported to the HHS’ Office for Civil Rights using a placeholder of 501 and that figure has yet to be updated on the OCR breach portal; however, the threat actor behind the attack – the Lorenz ransomware group – has dumped a sample of the files online.

Ransomware 84

Ransomware Health Insurance HIPAA Fraud 84

HIT Consultant

JULY 29, 2024

Image by DC Studio on Freepik What You Should Know: – The Baim Institute for Clinical Research , a leading non-profit academic research organization, has fallen victim to a significant ransomware attack, according to Safety Detective’s cybersecurity team. Consider placing a fraud alert on their credit report.

Fraud 98

Fraud Ransomware HIPAA 98

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware 68

Ransomware Fraud HIPAA Licensing 68

HIPAA Journal

AUGUST 30, 2022

While the nature of the attack was not disclosed, a ransomware group claimed credit for the attack and uploaded some of the stolen data to its data leak site. The post Avamere Holdings Facing Class Action Lawsuit Over 2022 Cyberattack appeared first on HIPAA Journal.

Nursing Homes 127

Nursing Homes Fraud Ransomware HIPAA 127

HIPAA Journal

JUNE 5, 2023

Multiple class action lawsuits have been filed against the city of Oakland in California over a ransomware attack and data breach that involved the theft of the personal and protected health information of 13,000 current and former employees. The ransomware attack is understood to have started with phishing emails.

Ransomware 58

Ransomware Fraud HIPAA 58

HIPAA Journal

MARCH 30, 2023

Ransomware and phishing continue to be the biggest cybersecurity concerns for healthcare organizations according to the February 2023 Current and Emerging Healthcare Cyber Threat Landscape report from Health-ISAC. Ransomware was the biggest concern for 2022 and 2023 with phishing and spear phishing in second.

Ransomware 106

Ransomware Fraud Governance Medical Billing 106

HIT Consultant

AUGUST 7, 2024

These attacks most often lead to trojan horses, including ransomware, that are presently targeting the healthcare sector. As one of the most active ransomware-as-a-service (RaaS) threat actors today, Black Basta has set its sights on the healthcare sector, claiming responsibility for the recent attack on St.

Ransomware 116

Ransomware Fraud Hospitals Doctors 116

HIPAA Journal

MAY 18, 2023

This was the second data breach to be reported by NextGen this year, with the earlier incident being a BlackCat ransomware attack. Further, NextGen had suffered a ransomware attack just a few weeks previously and should have known that security needed to be improved.

Ransomware 124

Ransomware Fraud HIPAA 124

HIPAA Journal

JUNE 8, 2023

a provider of call center and customer experience software technology to large enterprises, has recently confirmed that it fell victim to a ransomware attack on a limited portion of its network. The post Alvaria Confirms November 2022 Hive Ransomware Attack appeared first on HIPAA Journal. (formerly Aspect Software, Inc.),

Ransomware 52

Ransomware Fraud HIPAA Health Insurance 52

Total HIPAA

FEBRUARY 25, 2020

Ransomware attacks have surged in the last year.¹ Ransomware is a form of malware that infects devices via a Trojan, a kind of malicious code disguised as legitimate software. Frequency of Ransomware Attacks Increases. In 2019, ransomware incidents disrupted many organizations’ infrastructure and ability to do business.

Ransomware 52

Ransomware HIPAA Compliance Fraud 52

HIPAA Journal

JUNE 15, 2022

Goodman Campbell Brain and Spine Suffers Ransomware Attack. In the meantime, Goodman Campbell has recommended all patients monitor their credit reports, obtain a fraud alert, and place a security freeze on their credit as a precaution. This post will be updated when further information becomes available.

Ransomware 142

Ransomware Health Insurance Fraud HIPAA 142

HIPAA Journal

MARCH 3, 2023

The attack was conducted by the Sodinokibi ransomware group, which published some of the stolen data on its data leak site. Claims will also be accepted up to a maximum of $3,500 per claimant to cover documented, extraordinary losses that have not already been reimbursed, such as losses to fraud and identity theft.

Ransomware 91

Ransomware Fraud HIPAA 91

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. A lawsuit – Lutz, et al.

Ransomware 95

Ransomware Fraud Licensing Health Insurance 95

HIPAA Journal

JANUARY 24, 2023

Another lawsuit has been filed against CommonSpirit Health over its 2022 ransomware attack and data breach that alleges the nation’s largest catholic health system failed to implement reasonable and appropriate safeguards to prevent unauthorized access to sensitive patient data.

Ransomware 58

Ransomware Fraud HIPAA Hospitals 58

Compliancy Group

JANUARY 25, 2022

Other findings in the report included: Ransomware-related data breaches have doubled in each of the past two years. At the current rate, ransomware attacks will surpass phishing as the number one root cause of data compromises in 2022. We may look back at 2021 as the year when we moved from the era of identity theft to identity fraud.

HIPAA 98

HIPAA Ransomware Governance Fraud 98

HIPAA Journal

APRIL 23, 2024

Notification letters have been sent to more than 34,500 individuals about ransomware attacks that occurred more than 9 months ago. Kisco Senior Living experienced its attack in June 2023, and Island Ambulatory Surgery Center suffered an attack in July.

Ransomware 110

Ransomware Fraud Licensing HIPAA 110

HIPAA Journal

MAY 17, 2023

In April 2023, the Money Message ransomware group announced it had breached the systems of PharMerica and its parent company, BrightSpring Health Services, and added both to its data leak site. The group claimed to have exfiltrated databases containing 4.7 PharMerica has now confirmed the extent of the data breach.

Ransomware 106

Ransomware HIPAA Fraud Health Insurance 106

HIPAA Journal

JANUARY 24, 2023

The theft of protected health information places patients and health plan members at risk of identity theft and fraud, but by far the biggest concern is the threat to patient safety. Multiple studies have identified an increase in mortality rates at hospitals following ransomware attacks and other major cyber incidents.

HIPAA 122

HIPAA Ransomware Hospitals Fraud 122