Tag Archive for: count

Victim Count Doubles in Heart Institute Data Theft Hack

/in


Cybercrime
,
Fraud Management & Cybercrime
,
Healthcare

Tennessee Practice So Far Faces 5 Proposed Class Action Lawsuits

Marianne Kolbasuk McGee (HealthInfoSec) •
October 16, 2023    

Victim Count Doubles in Heart Institute Data Theft Hack
Image: The Chattanooga Heart Institute

The number of people affected by a Tennessee cardiac care clinic hack has more than doubled to 411,000 since the healthcare group first reported the incident to regulators in July. Cybercriminal group Karakurt claimed responsibility for the attack, which has so far triggered five class action suits.

See Also: Challenges and Solutions in MSSP-Driven Governance, Risk, and Compliance for Growing Organizations

The Chattanooga Heart Institute told the Maine attorney general in a supplemental data breach report filed on Oct. 6 that the total number of affected individuals in a cyberattack on its IT network discovered in April 17 had risen to nearly 411,400 people – including 47 Maine residents.

The Chattanooga, Tennessee-based group in July reported to the U.S. Department of Health and Human Services and the Maine state regulator that the incident had affected 170,450 individuals, including five Maine residents (see: Tennessee Heart Clinic Tells 170,000 of Hacking, Data Breach).

The Chattanooga Heart Institute includes three vascular surgeons and 27 cardiologists at four locations in Tennessee and one in Georgia. In its breach notice, the cardiac practice said its ongoing investigation into the incident had determined that an “unauthorized third party” gained access to its network between March 8 and March 16 and obtained copies of some of the data from its systems containing confidential…

Source…

Victim Count in Maryland Ransomware Breach Jumps Fivefold

/in


Breach Notification
,
HIPAA/HITECH
,
Security Operations

Atlantic General Hospital Now Says Attack Compromised PHI of Nearly 137,000

Marianne Kolbasuk McGee (HealthInfoSec) •
June 26, 2023    

Victim Count in Maryland Ransomware Breach Jumps Fivefold
Image: Atlantic General

A Berlin, Maryland-based hospital recently told regulators that a ransomware breach discovered in January had compromised the sensitive information of nearly 137,000 patients, about five times the number of people originally estimated as having been affected by the incident.

See Also: Live Webinar | The Secret Sauce to Secrets Management

Atlantic General Hospital provided the updated breach tally in a report submitted to Maine’s attorney general on Friday, which supplemented a March 24 filing estimating that about 30,700 people – including three Maine residents – had been affected by the ransomware incident.

The hospital now said that 32 Maine residents are among the total 136,981 individuals affected.

Some experts say the significant increase in the number of individuals illustrates the breach analysis challenges that many organizations encounter in the aftermath of a ransomware or other hacking incident.

“Obtaining an accurate count of affected individuals and determining the type of compromised data in the aftermath of ransomware incidents can be time-consuming due to the need for thorough forensic investigations, extensive data analysis, and the complexity of healthcare systems, which often involve numerous interconnected databases and sources of information,” said Jon Moore, chief risk officer at privacy and security consultancy Clearwater.

Organizations often face regulatory deadlines…

Source…

Will security concerns slow down Rhode Island’s speedy vote count?

/in


A mere hour after polls closed on Election Day, while many states were kicking off days of ballot counting, Rhode Islanders watching closely knew who would win all of the key statewide and federal races, including the ultra-competitive 2nd Congressional District battle.

News organizations were able to call races (and meet deadlines) at hours that a few years ago would have been considered unthinkably early and get a head start formulating their post-vote takeaways.

It hasn’t always been so fast.

A polling site in Newport County on Election Day.

Rhode Island’s rapid election reporting is partly a consequence of its ultra-compact geography and the centralization of its elections bureaucracy compared to larger states where counties play a big role.

And it’s partly because of decisions Rhode Island officials made a few years ago that turned it into the only state in the country where 100% of voting machines transmit results wirelessly.

Source…

Annual Ransomware Detection Count expected to be the highest this year, WatchGuard Threat Lab report reveals / Digital Information World

/in


As per the WatchGuard Threat Lab’s most-recent quarterly Internet Security Report, the number of Ransomware detected in Q1 2022 was double that of the number recorded across the entire 2021.

Additionally, the study reveals that EMEA still happens to be a safe spot for malware risks. It was also found out that WatchGuard Fireboxes in EMEA were impacted more than those in America and Asia-Pacific.

The chief security officer at WatchGuard, Corey Nachreiner stated that 2022 is on its way to becoming the year with the most annual ransomware detections. He advised companies to opt for a “true unified security approach” that is advanced enough to tackle the evolving attacks.

The research also included some other intriguing revelations such as:

#1 Log4Shell makes its presence felt

The public first got to hear about Log4Shell right before the end of 2021. Fast forward to this quarter, it has already popped up on the top 10 network attack list. Furthermore, WatchGuard’s last report emphasized on Log4Shell as the top security event. It attained a full-on 10.0 on CVSS, making it an extremely critical vulnerability, thanks to the fact that it’s commonly used in Java applications.

#2 Emotet is here to stay

Ever since making a comeback in Q4 2021, Emotet has gone on to secure three slots in the top 10 detections and top widespread malware. The threats related to it are Trojan.Vita, Trojan.Valyria, and MSIL.Mesna.4. Threat Lab suggests that Emotet downloads and installs the file after retrieving it from a malware delivery server.

#3 PowerShell scripts contribute to rising endpoint attacks

The findings for Q1 2022 show a year-over-year increase of 38% in endpoint detections. Almost nine out of every 10 such detections (88% to be precise) were thanks to scripts. Digging deep into the scripts led to the discovery that 99.6% of these were PowerShell ones. This indicates that cybercriminals have been putting extra focus on utilizing credible tools for executing fileless and LotL attacks.

#4 Unauthentic activity coupled with authentic crypto mining operations

Popular mining pool, Nanopool became a hot topic of the study in question. Nanopool domains are perceived as credible domains linked…

Source…