Cybersecurity Updates
- University of Vermont (UVM) Health claims that the total cost of recent ransomware attack will exceed $63 million.
- Cedar Springs Hospital of Colorado Springs, Colorado, notified an unknown number of patients that their PHI was exposed after an external drive was stolen.
- Dental Care Alliance, headquartered in Sarasota, Florida, notified over 1 million patients that their PHI was exposed after a ransomware attack.
- Dyras Dental Clinic of Lansing, Michigan notified an unknown number of patients that their PHI was exposed after ransomware attack.
- Employment Specialists of Augusta, Maine notified 3,000 patients that their PHI was exposed after ransomware attack.
- The Federal Aviation Administration announced that former employee Brian J. Booth of Virginia was arrested for allegedly stealing info on foreign officials and attempting to extort for financial gain.
- Chief Security Officer magazine predicts Top 4 Security Trends for 2021:
o Ransomware will be bigger, meaner and smarter
41% of all cybercrime claims filed in 2020 were for ransomware
Average ransom paid is $1.1 million
o CISO will have expanded role (chief information security officer)
o Organizations to reassess security of endpoints (includes printers, fax & MFPs)
o Security talent acquisition – demand goes up - Raytheon Corp., headquartered in Waltham, Mass, announced that former employee James Robert Schweitzer, has been charged with allegedly leaking top secret missile sensor technology.
- The government offices of Bowie County, Miller County & City of Texarkana in Texas all reported that citizen info was exposed after ransomware attacks.
- Presbyterian Health of Albuquerque, New Mexico notified 3,557 patients that their PHI was exposed after a mailer error.
- The National Security Agency published a warning about nation-state actors (hostile foreign countries) exploiting remote work endpoints.
o (this includes hacking into printers and MFPs being used at home)
- Monroe Surgical Hospital of Louisiana notified an unknown number of patients that their PHI was exposed after cybersecurity incident.
- Elgin Mental Health Center of Illinois reported that former employee, Kayla Brown, was arrested by police after allegedly stealing PHI of an unknown number of patients.
- Golden Gate Regional Center of San Francisco, CA notified an unknown number of patients that their PHI was exposed after ransomware attack.
- Greater Baltimore Medical Center of Maryland notified an unknown number of patients that their PHI was exposed after ransomware attack.
- The Department of Health & Human Services’ Office for Civil Rights reported that in November, 2020, nearly 1.2 million patients had their PHI exposed after breaches.
- Hillcrest Nursing Center of Round Lake Beach, IL notified 1,030 patients that their PHI was exposed after a former employee accessed the info.
- Kalispell Regional Healthcare of Montana agreed to pay $4.2 million to settle charges stemming from a breach that exposed PHI of 130,000 patients.
- The City of Long Beach, New York notified an unknown number of citizens that their info was exposed after ransomware attack.
- Embraer Aircraft of Brazil notified an unknown number of customers and employees that their info was exposed after ransomware attack.
- Demetrius Cervantes and Amanda Lowry both pleaded guilty in the Eastern District Texas Court to stealing PHI of an unknown number of patients from a healthcare system andobtaining $1.4 million for its sale, using the cash to buy:
o Land Rover Range Rover
o Dodge Durango
o Polaris RZR off road vehicle
o Can-Am Outlander ATV
o Two Sea-Doo RXT watercraft
o Karavan Sea-Doo watercraft - ZDNet magazine is reporting that some ransomware gangs are now cold-calling their victims on their phones if they suspect that a hacked company is trying to restore from backups and avoid paying the ransom.
- FireEye, a cybersecurity firm headquartered in Milpitas, CA, acknowledged that a threat actor broke into its network and stole a wide range of automated hacking tools and scrips.
- GE Healthcare, announced that it has discovered security vulnerabilities in some of its medical imaging systems and some of its ultrasound systems.
o Hackers could access PHI and/or run arbitrary code - University of Memphis in Tennessee notified an unknown number of people that their info was exposed after email phishing attack.
- Township High School District, Niles Township High School District and Maine Township High School District of Illinois all reported being hacked.
- Cisco Systems Inc., headquartered in San Jose, CA, reported that former employee, Sudhisk Kasaba Ramesh, pleaded guilty to intentionally causing damage that shut down thousands of Webex Teams accounts.
o sentenced Wednesday to two years in federal prison - Brooklyn Defender Services of New York notified an unknown number of clients that their info was exposed after an unauthorized person gained access to some of Brooklyn Defender Services’ employees’ email accounts. Baltimore County school district officials have refused to share information about recent ransomware attack with local police, the county attorney and state information technology experts, County Executive Johnny Olszewski Jr. said Friday.
- Konikoff Dental Associates Harbour View of Suffolk, Virginia notified an unknown number of patients that their PHI was exposed after ransomware attack.
- The Socorro Independent School District of El Paso, TX notified an unknown number of students that their info was exposed after ransomware attack. The Town of Ludlow, Mass Town Hall notified an unknown number of employees and citizens that their info was exposed after ransomware attack.
- DSW Shoe Warehouse, a division of Designer Brands Inc. of Columbus, Ohio, notified an unknown number of customers that their info may have been exposed after ransomware attack.
- Tufts Health Plan of Massachusetts notified 60,545 patients that their PHI was exposed after email phishing attack.
- The Proton Therapy Center, LLC in Knoxville and MTPC, LLC in Nashville, TN both notified an unknown number of patients that their PHI was exposed after ransomware attack.
- Verifone and Ingenico point-of-sale systems – which are used in millions of stores around the world – had security vulnerabilities exposed that could have allowed cyber criminals to steal credit card details, clone terminals and commit other forms of financial fraud at the cost of both buyers and retailers.