Tag Archive for: medical

NJ medical lab employee indicted on charges he sabotaged competitor’s computer systems


A New York man employed at a medical testing lab in New Jersey allegedly sabotaged his competitor’s operations by posing as a repairman to enter the other laboratory’s offices, based in Millburn, and disabling their computer systems and security devices, according to the Justice Department.

Eric Leykin, 32, of Brooklyn, was indicted in federal court last week on charges of wire fraud. He is accused of using a prepaid cellphone to call his competitor in July 2022, posing as an employee from the lab’s tech support firm, and making an appointment to service their equipment the following day, according to court documents.

Upon arriving at the facility, Leykin allegedly proceeded to sever wires connected to the lab’s security system, removed multiple computer hard drives, unplugged the company’s backup generator and damaged various testing devices, the indictment claims.

If convicted, Leykin could serve up to 20 years in federal prison and face a fine of either $250,000 or an amount equal to the company’s financial losses as a result of the alleged scheme.

This article originally appeared on NorthJersey.com: NJ medical lab employee accused of sabotage, posing as repairman


FDA, CISA: Illumina Medical Devices Vulnerable to Remote Hacking


The US government is notifying healthcare providers and lab personnel about a component used by several Illumina medical devices being affected by serious vulnerabilities that can allow remote hacking.

On Thursday, the Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) issued public notifications to inform organizations about the vulnerabilities affecting the Universal Copy Service (UCS) component used by several of Illumina’s genetic sequencing instruments. 

The vendor has released patches and mitigations, and published its own advisory to inform customers about the steps they have to take to prevent potential exploitation. 

The FDA said it was not aware of any attacks exploiting the vulnerabilities in the wild, but warned that a hacker could exploit them to remotely take control of a device, or to alter configurations, settings, software or data on the device or the user’s network. 

The FDA also warned that exploitation of the vulnerabilities could impact “genomic data results in the instruments intended for clinical diagnosis, including causing the instruments to provide no results, incorrect results, altered results, or a potential data breach”.

CISA’s advisory reveals that Illumina Universal Copy Service is affected by a critical vulnerability, tracked as CVE-2023-1968, related to binding to an unrestricted IP, which can allow an unauthenticated attacker to abuse the component to listen on all IPs, including ones that accept remote connections.

The second flaw, CVE-2023-1966, is related to unnecessary privileges that can allow an unauthenticated hacker to remotely upload and execute code at the OS level.

Illumina’s iScan, iSeq, MiniSeq, MiSeq, MiSeqDx, NextSeq, and NovaSeq products are affected by the vulnerabilities. These products, used worldwide in the healthcare sector, are designed for clinical diagnostic use in sequencing a person’s DNA for various genetic conditions or for research purposes.

“On April 5, 2023, Illumina sent notifications to affected customers instructing them to check their instruments and medical devices for signs of potential exploitation of the vulnerability,” the FDA said in…


Private medical information may have been compromised in Chippewa County security breach


Medical history and other private information about Chippewa County residents may have been compromised in a security breach of a Chippewa County employee’s computer.

The breach began Feb. 28 and continued on March 1, according to the office of the Chippewa County Administrator.

On Tuesday, Feb. 28, a remotely controlled application was accidentally downloaded by a Chippewa County employee.

“The County cannot confirm how this occurred, but we believe it was by accidentally clicking on an internet pop-up or malicious link in error that downloaded the application,” County Administrator Randy Scholz said in a press release.

Then, on Wednesday, March 1, the employee was working on their office computer when someone else started to use the remote-control application and began typing.

“That person gained access to the computer for approximately five minutes until the Information Technology Department was able to stop the access,” the press release states.

The department was able to confirm that 25 to 35 megabytes of data was sent through the application between 9:20 and 9:25 a.m. March 1.

“The County believes the data that was obtained was most likely documents that had been saved on the employee’s desktop,” Scholz said.

There were seven total documents saved on the employee’s desktop that contained private medical information.

A letter notifying people who may have been impacted was mailed to them today.

There are several names on one spreadsheet that the county no longer has addresses for because those people have not been clients of the county in over 10 years and no longer reside at the addresses the county has on file.

This spreadsheet contained a medical history number, client name, drug prescribed, date signed and doctor’s initials.

No Social Security numbers were included on any of the documents potentially breached, the release said.


Ransomware crooks steal 3m+ patients’ medical records, personal info • The Register


Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December.

According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical, the security breach happened around December 1, 2022. 

“After extensive review, malware was detected on some of our servers, which a threat actor utilized to access and exfiltrate data,” according to a notice posted on Regal’s website and filed with the California Attorney General’s office [PDF]. 

The medical outfit said it hired third-party incident responders to assist and worked with security vendors to restore access to its systems and determine what data was impacted.

Judging from the filings with various state and federal agencies, the news wasn’t good. 

Extortionists stole, among other things, from the medical groups: patients’ names, social security numbers, addresses, dates of birth, diagnosis and treatment information, laboratory test results, prescription data, radiology reports, health plan member numbers, and phone numbers.

And according to the US Department of Health and Human Services, which is investigating the database breach, it affected 3,300,638 people. 

“Regal is taking steps to notify potentially impacted individuals of this breach to ensure transparency,” the company’s notification stated, adding it notified law enforcement and regulatory agencies about the ransomware attack.

Regal did not immediately respond to The Register’s questions, including who is responsible for the attack and how they gained entry, how much money the crooks demanded and whether the health network paid the ransom.

As is typically the case in these types of incidents, the medical groups say they will pay for affected customers to receive one year of Norton LifeLock credit monitoring. They also urged patients to register a fraud alert with various credit bureaus, and closely monitor account statements as well as explanation of benefit…
