- Colonial Pipeline Company, headquartered in Alpharetta, Georgia, was hit by
ransomware and forced to shut down its fuel pipeline operation that spans 5,500 miles from Houston, TX to Linden, NJ. This may cause a further spike in gasoline cost. - Judge Eldon E. Fallon sentenced Edward Tolliver of New Orleans, LA to 124 months in federal prison for making and selling fake credit cards using stolen identities he acquired from Dark Web sites.
- SmileDirectClub, headquartered in Nashville, TN, notified an unknown number of patients their PHI may have been exposed after “systems outage”
- Owners of Tesla beware! Two researchers are warning that a hacker can use a specially equipped drone to remotely hack into and take control of the Tesla car, using the TBONE exploitation.
- The federal Department of Health & Human Services’ Office For Civil Rights reported:
- March there were 1,116,997 patients that had their PHI exposed due to breaches
- April has 2,121,186 patients impacted
- Flashpoint is reporting that Iran’s Islamic Revolutionary Guard Corps is behind ransomware campaign using a hacking group called Emen Net Pasargard.
- The Rochester Community Technical College of Minnesota notified 5,392 students that their info was exposed after cyber security incident.
- Check Point Research is warning that billions of Android-based mobile devices are exposed due to a security vulnerability in Qualcomm’s Mobile Station Modem chips
- Dell Computer announced it has patched flaws in vulnerable firmware that shipped in millions of laptops, tablets and desktop PCs since 2009.
- Peloton Corp., headquartered in New York City, NY, is notifying millions of customers of its Peloton fitness equipment that their info may have been exposed due to newly discovered vulnerability.
- Aprima suffered outages of its cloud-based EHRs due to ransomware attack on MednetwoRX data center in Dallas, TX.
- Lourdes Hospital of Binghamton, NY notified an unknown number of patients that their PHI was exposed after its CaptureRX pharmacy claims processing solution was hacked.
- West Penn Hospital of Pennsylvania announced that former employee, Guy Caley, was convicted of 44 felony and 45 misdemeanor counts for illegal actions which exposed the identities of patients.
- Mandiant Threat Intelligence is reporting of new security vulnerabilities found in Intel and AMD computer processor chips, that bypass fixes that companies issued to correct the past Spectre and Meltdown hacking attacks.
- Wolfe Eye Clinics of Iowa notified an unknown number of patients that their PHI may have been exposed due to cyber attack.
- SEIU 775 Benefits Group of Washington notified 140,000 patients that their PHI was exposed after cyber attack.
- Nexelis Group, headquartered in Seattle, WA, notified an unknown number of patients of Pacific Biomarkers that their PHI was exposed after malware attack.
- Medtronic, with US headquarters in Minnesota, notified an unknown number of patients that their PHI may have been exposed after cybersecurity incident.
- Rx Pharmacies, headquartered in Tri-Cities area of Washington, notified an unknown number of patients that their PHI was exposed after email phishing attack.
- Truesec Security Consulting is reporting that the Russian government is backing Evil Corp., a cybercrime organization.
- The US State Department has fined Honeywell Corp., headquartered in Charlotte, NC, after some of its employees allegedly leaked plans for the F35 and F22 Raptor and other aircraft designs to the Chinese government.
- Health Aid, headquartered in Parma, OH, notified 140,000 patients that their PHI was exposed after cybersecurity incident.
- Scripps Health of San Diego, CA notified an unknown numbers of patients that their PHI may have been exposed after a ransomware attack.
- Midwest Transplant Network, headquartered in Westwood, KS, notified 17,000 patients that their PHI was exposed after ransomware attack.
- Gifford Health Care of Vermont notified an unknown number of patients that their PHImmay have been exposed after a cybersecurity incident.
- Faxton St. Luke’s Healthcare of Utica, NY notified 17,655 patients that their PHI may have been exposed after cybersecurity incident.
- Orthopedic Associates of Dutchess County in New York notified 330,000 patients that their PHI was exposed after cybersecurity incident.
- BakerHostetler published ransomware report:
- Average initial ransomware demand is now $4,583,000
- In healthcare, average ransomware payout is $910,335
- Average forensic investigation cost = $58,963
- HIPAA fines range from $100,000 to $6.85 million
- The Alaska Court System was forced offline after cybersecurity incident.
- Netskope Security is warning that ransomware could be inserted into a network by usingnmalicious Microsoft Office files. The malware could be embedded in MS Excel, MS Word, MS PowerPoint, etc.