Cybersecurity Updates
Cyber consulting firms are getting dragged into post-breach lawsuits, according to an article published by Bloomberg Law.
o Accenture Plc’s unit was compelled to provide info during a recent suit filed against Marriott International
o Was forced to turn over cybersecurity firm Mandiant’s report on a cloud hack in another case.
o Class action lawyers claim it could provide “a vivid trail for liability”
The feds report that in the month of October, 2020, over 2.1 million patients had their PHI exposed due to breaches in the U.S. healthcare industry.
o For the year so far, over 22 million patients have been impacted
o Since the feds began tracking in 2009, more than 261 million patients have been impacted
Advanced Urgent Care of Key West, Florida notified an unknown number of patients that their PHI was exposed after a ransomware attack.
Provider Health Services of Lafayette, LA notified 1,700 patients that their PHI was exposed after an email phishing attack.
Intellirad Imaging of Miami, FL notified 1,862 patients that their PHI was exposed after an email phishing attack.
New Jersey Dental Hygienist Association (NJDHA) notified an unknown number of patients that their PHI was exposed after a ransomware attack.
Nova Biomedical of Waltham, MA notified an unknown number of patients that their PHI was exposed after a ransomware attack.
Ascend Clinical of Redwood City, CA notified 77,443 patients that their PHI was exposed after a ransomware attack.
X-Cart, an e-commerce software vendor headquartered in Athens, GA, notified an unknown number of customers that their info was exposed after a ransomware attack.
Saint Francis Healthcare System of Missouri agreed to pay $350,000 to settle a lawsuit filed regarding PHI of 107,000 patients being exposed after a ransomware attack.
Hendrick Health System of Abilene, TX notified an unknown number of patients that their PHI may have been exposed after a ransomware attack.
Researchers at University of Alabama-Birmingham are reporting that hackers can monitor a computer’s CPU power consumption to obtain information that potentially could be used to hack into a network.
Arkansas Otolaryngology of Little Rock, AR notified 12,000 patients that their PHI was exposed after an email phishing attack.
Lawrence General Hospital of Lawrence, Mass. notified an unknown number of patients that their PHI may have been exposed after a ransomware attack.
Luxottica, with North American headquarters in Mason, OH, and owner of LensCrafters, Target Optical, EyeMed, etc., notified an unknown number of patients that their PHI was exposed after a ransomware attack.
Jekyll Island Authority of Georgia notified 7,000 citizens that their info was exposed after a ransomware attack.
Vertafore, an insurance software company headquartered in Denver, Colorado, notified 27.7 million Texas drivers that their info was exposed after it was illegally accessed on an external storage service.
Dragos Security published a report stating that the manufacturing vertical is now a major target for ransomware attacks.
o Hackers are attempting to insert the malware by targeting industrial control systems (ICS)
Dr. Rajendra Bhayani Otolaryngology Clinic in Regal Park, NY paid $15,000 to settle a HIPAA lawsuit for allegedly failing to provide patients records they had requested.
Pell City, Alabama notified 1,050 citizens that their info was exposed after a cyber security incident.
Zscaler Security published a report stating that there is a 260% increase in encrypted attacks from hackers.
o Hackers are hiding their malware inside encrypted traffic
o Top vertical attacked is healthcare at 25.5% of attacks.
Digital Shadows Research is reporting that hackers are offering DDoS (distributed denial of service, an attack to temporarily knock company networks offline) as a rental
o Starting at an average cost of $7 for disruption that lasts a few minutes
o Hackers try to enter network through IoT (internet of things) devices (which could be a printer or MFP)
Zoll Medical Devices filed a lawsuit against its managed IT services vendor, Barracuda Networks, for alleged negligence after a breach exposed PHI of 277,139 patients.
Gemini Advisory published a report warning businesses that hackers are able to dodge traditional security platforms using new methods to implant malware into emails that are altered to look like they are coming from legitimate sources.
Hackers earn prizes! The 2020 Tianfu Cup International PWN contest was held in China for hackers.
o Total of $1.2 million in prizes or bounties paid out for successful hacks
o Devices hacked included:
Apple iPhone 11 Pro
Samsung Galaxy S20