- Blackberry Research report:
- 12 malware attacks per minute
- U.S. is most targeted of all countries
- 60% of all attacks are finance/healthcare/grocery industries
- Top malware attack on healthcare from:
- Emotet, RedLine, BlackCat, Royal, Cobalt Strike and Mallox
- Critical Insight research published:
- PHI stolen up 35%
- 28 million patients impacted in last 6 months of 2022
- Northwell Health of New York field a lawsuit against a former employee for illegally posting information on deceased patients.
- Journal of American Medicine Association (JAMA) published report detailing how adjacent emergency departments had their service disrupted after Scripps Health of San Diego suffered cyber attack.
- Unique Imaging Clinics of Florida notified an unknown number of patients that their PHI was exposed after ransomware attack.
- University Urology Clinics of New York notified 58,816 patients that their PHI was exposed after ransomware attack.
- BakerHostetler report published on breaches:
- 45% of incidents started with network intrusion
- 17% of incidents involved insider-caused breaches
- 11% caused by unpatched vulnerabilities
- 28% of hacks ended with ransomware deployments
- 24% of all breaches in healthcare vertical (#1 target)
- 67 days = average amount of time from discovery to notification of breach
- $90,355 = average cost to investigate network instruction
- $600,688 = average ransom paid
- $1,562,141 = average ransom paid by health system
- 40% = of all vertical market organizations pay the ransom
- NationsBenefits Insurance notified 3 million customers that their info was exposed after ransomware attack.
- The federal Office for Civil Rights levied a $15,000 fine to Mente Psychotherapy Services of Pittsburgh, PA regarding HIPAA breach.
- Socrates Academy Schools of Matthews, North Carolina notified an unknown number of students that their info was exposed after FERPA breach.
- Movement Schools of Charlotte, North Carolina notified an unknown number of students that their info was exposed after FERPA breach.
- Maxim HealthCare Services of California notified 28,425 patients that their PHI was exposed after breach. - SuperCare Health of California agreed to pay $2.25 million to settle lawsuit related to breach that exposed patients PHI.
- Adna School District of Centralia, WA was defrauded $346,000 after an email phishing attack.
- Joseph Sullivan, former CISO of Uber Corp. was sentenced to 3 years probation and $50,000 fine after a breach in 2022 exposed info on 57 million people.
- Hillsborough County government offices in Florida notified an unknown number of citizens that their info may have been exposed after ransomware attack.
- U.S. Department of Transportation is notifying 237,000 federal employees that their personal was exposed after cyber attack.
- Toyota notified owners of 2 million of its cars that their info was exposed after cyber attack.
Original Post