, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) settled a HIPAA ransomware cybersecurity investigation of Bryan County Ambulance Authority (BCAA). HIPAA Ransomware Cybersecurity Investigation: The Risk Analysis Initiative In late October of 2024, a conference was held in Washington, D.C.
In 2024, the Department of Health and Human Services (HHS) Office for Civil Rights announced a series of enforcement actions against entities that violated, or potentially violated, one or more HIPAA rules. This HIPAA 2024 Year in Review article discusses these actions. Monitor and safeguard its health information systems activity.
What You Should Know: – Ransomware attacks are a growing threat across all industries, but the healthcare sector is facing a particularly alarming surge in these incidents, according to new data from SafetyDevices. By 2024, it climbed to third place.
Jefferson Dental Center, a South Bend, Indiana dental practice operated by Dr. Lorraine Celis, experienced a ransomware attack on November 15, 2024. Details of the ransomware attack that exposed PHI, and that may have resulted in unauthorized parties obtaining protected health information, are provided below.
Proposed Changes Require Strong Cybersecurity The newly proposed changes to the 2013 HIPAA Security Rule published yesterday in the U.S. A risk analysis must include all systems, not only the systems that process health information, because other systems could be compromised to allow access to those containing health information.
NESG agreed to settle allegations of noncompliance with the HIPAA security risk analysis violation. The settlement marks OCR’s 10th ransomware enforcement action, and the 4th enforcement action in OCR’s risk analysis initiative. Details of the HIPAA risk analysis rule settlement are provided below. We can and must do better.
A new joint federal cybersecurity warning says that the Clop Ransomware Gang, also known as TA505, began exploiting a previously unknown vulnerability this past month in one of Progress Software's managed file transfer tools, known as MOVEit Transfer. x and forward – along with software upgrades and patches.
Doctors’ Management Services agreed to settle claims it did not comply with HIPAA breach rules and failed to identify risks after a cyberattack exposed the information of more than 200,000 patients.
Columbia Eye Clinic, South Carolina Columbia Eye Clinic, a medical and surgical ophthalmology practice with four locations in Columbia and Lexington in South Carolina, announced a data security incident on March 14, 2025, involving the exposure of patients’ protected health information.
According to a report from the Office of the Director of National Intelligence, ransomware attacks on healthcare organizations doubled between 2022 and 2023, making the healthcare sector one of the fastest-growing targets for cybercriminals. Then malicious actors can either subscribe to use the ransomware or purchase access outright.
Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and Cascade Eye and Skin Centers underscores OCR’s expectations for healthcare providers regarding cybersecurity under the HIPAA Security Rule. Cascade failed to monitor its systems effectively, delaying its awareness of the ransomware attack.
The Health Information Sharing and Analysis Center issued a threat alert Friday about the Russia-backed ransomware group Black Basta, warning of its accelerated attempted attacks against the healthcare sector. Over the weekend, Ascension stated that it notified law enforcement.
Oracle appears to have suffered two security incidents, one of which involved data stored by Oracle Health related to the electronic health record (EHR) company Cerner. Oracle Health is a provider of health information technology to hospitals. Multiple Hospitals appeared first on The HIPAA Journal.
On June 25, 2022, a spokesperson for a threat group called DAIXIN Team contacted HIPAA Journal to share information about a ransomware attack and data theft incident at Fitzgibbon Hospital in Marshall, Missouri. DAIXIN Team was previously not known to HIPAA Journal and appears to be a new ransomware group.
A healthcare information breach, such as hacking or an insider threat, invades the privacy of patients who depend on your organization’s protection. A healthcare information breach is the disclosure, sharing, or access of a patient’s protected health information (PHI) without written consent.
Healthcare ransomware attacks have at least doubled in the past 5 years, data recovery from backups has decreased, and it is now common for data to be stolen and publicly released following a successful attack, according to a new analysis recently published in the JAMA Health Forum. Out of the 374 confirmed ransomware attacks, only 20.6%
A settlement has been agreed to resolve a lawsuit against the Rhode Island Public Transit Authority (RIPTA) and UnitedHealthcare New England (UHC) over a 2021 ransomware attack. The post Settlement Agreed to Resolve RIPTA Ransomware Attack Lawsuit appeared first on The HIPAA Journal.
Doctors’ Center Hospital in Puerto Rico has recently notified the Department of Health and Human Services’ Office for Civil Rights (OCR) that it has experienced a hacking/IT incident in which the protected health information of 1,195,220 patients has potentially been compromised. Million Patients appeared first on HIPAA Journal.
Social Action Community Health System (SAC Health) has recently notified 149,940 patients that documents containing their protected health information were stolen in a break-in at an off-site storage location where patient records were stored. Bryan County Ambulance Authority Ransomware Attack Affects 14,000 Patients.
According to the company’s substitute breach notice, a sophisticated ransomware attack was detected and blocked on February 26, 2022; however, not in time to prevent some of its computer systems from being disabled. Third-party forensics specialists were engaged to investigate the breach and provide assistance with securing its environment.
have confirmed they were recent victims of cyberattacks, both of which involved the use of ransomware. Ransomware Attack Affects 85,282 Law Enforcement Health Benefits Members. LEHB) has recently announced that it was the victim of a ransomware attack that was detected on September 14, 2021. Law Enforcement Health Benefits, Inc.
The health insurer Aetna ACE is one of the latest healthcare organizations to announce it has been affected by a ransomware attack on a mailing vendor, which involved the protected health information of 326,278 plan members. The ransomware attack affected OneTouchPoint, which provides printing and mailing services for U.S.
Yuma Regional Medical Center (YRMC) in Arizona has announced it was the victim of a ransomware attack in April in which the attackers obtained the protected health information of approximately 700,000 current and former patients. Ransomware attacks often result in the exposure of stolen data if the ransom is not paid.
Codman Square Health Center in Boston, MA, has confirmed that it was the victim of a ransomware attack in November 2022 in which hackers gained access to the protected health information of 10,161 current and former patients. The post Ransomware Attack Announced by Codman Square Health Center appeared first on HIPAA Journal.
We can’t give up the digital transformations we’ve made in our organizations but we also can’t ignore the looming threat of security threats and ransomware attacks. These privacy-enhancing techniques help protect sensitive health information at the source while also maintaining usability across large-scale EHR systems.
The HHS’ Office of Information Security Health Sector Cybersecurity Coordination Center (HC3) has issued a TLP: White alert about the Hive ransomware group – a particularly aggressive cybercriminal operation that has extensively targeted the healthcare sector in the United States.
EmergeOrtho, a North Carolina orthopedic practice, has recently notified 75,200 patients that some of their protected health information has been accessed by unauthorized individuals. According to EmergeOrtho’s substitute breach notice, a sophisticated ransomware attack was detected and blocked on May 18, 2022.
The Cuba ransomware group has increased attacks in the United States, with attacks doubling since December 2021, and ransom payments are also on the rise. According to CISA and the FBI, there are similarities between the infrastructure used by the Cuba ransomware operation and the RomCom RAT and Industrial Spy ransomware actors.
According to the breach notification sent to the California Attorney General, Practice Resources was the victim of a ransomware attack on April 12, 2022. Brownsville, TX-based Valley Baptist Medical Center has recently started notifying certain patients that some of their protected health information has been exposed and potentially stolen.
The Health Sector Cybersecurity Coordination Center (HC3) has issued a warning to the healthcare and public health (HPH) sector about Royal ransomware attacks. Royal ransomware is a new ransomware threat that was first observed being used in attacks in September 2022. Both will prevent files from being opened.
Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint security alert about the Zeppelin ransomware-as-a-service (RaaS) operation, which has extensively targeted organizations in the healthcare and medical industries.
A joint security advisory has been issued by cybersecurity agencies in the United States, United Kingdom, and Australia, warning about the increased globalized threat of ransomware attacks and the elevated risk of targeted attacks on critical infrastructure entities. 2021 Ransomware Attack Trends.
A joint security alert has been issued to the healthcare and public health sector by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury warning about the threat of Maui ransomware attacks.
CrowdStrike has released its annual threat report which shows there was a major increase in data leaks following ransomware attacks in 2021, rising 82% from 2020. CrowdStrike observed 2,686 ransomware attacks in 2021 compared to 1,474 in 2020. There were more than 50 ransomware attacks a week in 2021.
The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has released its 2021 Internet Crime Report, which reveals there were at least 649 ransomware attacks on critical infrastructure organizations from June 2021 to December 2021. Losses to ransomware are difficult to determine.
There was a 45% increase in hacking/IT incidents between 2019 and 2020, and in 2021, 66% of breaches of unsecured electronic protected health information were due to hacking and other IT incidents. A large percentage of those breaches could have been prevented if HIPAA-regulated entities were fully compliant with the HIPAA Security Rule.
The tactics, techniques, and procedures (TTPs) used by ransomware and other cyber threat actors are constantly evolving to evade detection and allow the groups to conduct more successful attacks. HC3 has not observed any change in the numbers of IABs working with ransomware gangs in Q1, 2022, with similar numbers observed as throughout 2022.
A settlement has been proposed by Scripps Health to resolve a consolidated class action lawsuit – In Re: Scripps Health Data Incident Litigation – to resolve all claims related to its 2021 ransomware attack. The ransomware attack has proven to be incredibly costly for Scripps Health.
Ransomware remains one of the most serious threats to the healthcare industry. The ransomware gang assumes that prior to the appointment, the doctor will open the file to check the patient’s records, and will install malware that will provide access to their device. Telemedicine Providers Targeted.
The New York ambulance service, Empress EMS, is facing multiple class action lawsuits over a ransomware attack that was detected on July 14, 2022. The Hive ransomware group was behind the attack, and as per the group’s modus operandi, after gaining access to the network, sensitive files were stolen, then files were encrypted.
Ransomware actors continue to target the U.S. The most commonly detected malware were droppers, downloaders, remote access tools (RATs), and ransomware. Emotet is capable of self-propagation and lateral movement and is used to deliver malware and ransomware payloads.
The Rochester Hills, MI-based prosthetics, orthotics, and accessibility solution provider, Wright & Filippis, has recently announced that it was the victim of a ransomware attack on its network. The post 877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider appeared first on HIPAA Journal.
CommonSpirit Health has provided an updated estimate on the cost of its October 2022 ransomware attack, which is expected to increase to $160 million. The ransomware attack was detected by CommonSpirit Health on October 2, 2022, forcing systems to be taken offline. The lawsuit was filed in December 2022 in the U.S.
Family Christian Health Center (FCHC) in Illinois has announced it was the victim of a ransomware attack in November 2021 that compromised the protected health information of 31,000 patients. Patient Data Potentially Compromised in Jackson County Hospital Ransomware Attack.