Memorial Health System Suffers Ransomware Attack, Data Theft

Memorial Health System, a healthcare non-profit, disclosed a ransomware attack that encrypted its endpoints and forced staff to work with pen-and-paper charts.

The ransomware group Hive is allegedly responsible for the attack. The encryption of the IT environment forced the cancelation of numerous high-priority surgeries and radiological examinations. Although Memorial Health System president and CEO Scott Cantley stated on Sunday that patient and employee data remained unaffected, BleepingComputer found evidence indicating that databases containing sensitive information for 200,000 patients were stolen. 

For more, we turn to the cybersecurity experts. 


Josh Rickard

Josh Rickard is Security Solutions Architect at Swimlane.

“Since the onset of the COVID-19 pandemic, we have seen cyber-criminals take advantage of healthcare organizations again and again as new waves and variants persist. Healthcare organizations face unique challenges when looking to efficiently manage information security due to their large, distributed networks and complex electronic health record platforms that store highly sensitive protected health information.

In addition to the trove of unique data present, hospitals are also an appealing target for ransomware groups because they can’t afford downtime and are therefore viewed as more likely to pay the ransom quickly. In the case of Memorial Health System, urgent surgical cases and radiology exams were forced to be canceled due to the attack. Security operations within healthcare organizations are increasingly investing in ways to automate and centralize their detection, response, and investigation efforts into a single platform. This allows them to better visualize their effectiveness and further understand what is not working within their environment(s).

Even after access is regained following a ransomware attack, potential penalties for failure to detect and report on improper access create a long path to recovery. By leveraging the power of automation, these institutions can orchestrate their incident response and breach reporting processes to improve the…


Singtel Suffers Zero-Day Cyberattack, Damage Unknown – Threatpost


The Generalitat suffers an online security breach

In this cursed year of the coronavirus, many more hacks and computer attacks are being recorded than in previous years. Cybercriminals take advantage of the current uncertainty, the massive shift to teleworking, and the slightest flaw or loophole in a security program, which is exactly what has happened to the Generalitat of Catalonia.

Vulnerability in three websites of the Generalitat

As first reported by media such as Vozpópuli and confirmed directly to others, the Generalitat of Catalonia was exposing the private data of thousands of users via three of the Catalan Government’s web pages, all because of a security vulnerability. The vulnerability exposed up to 5,000 emails and passwords of users who had registered in Government applications.

The vulnerability was discovered last week. No one knows how long it had been exposing this data, but it could have been for months or even years. On November 19, the three affected websites were taken ‘offline’ to correct the problem, and those responsible for data protection contacted all the affected departments. But has anyone used that exposed data?

Cybersecurity Incident?

A vulnerability can be exploited. In fact, cybercriminals sometimes do not have to hack at all, but only take advantage of ‘exploits’ or security holes in the services, apps or platforms they want to steal from. The Generalitat is currently investigating whether the data of 5,000 users has been stolen and is being used to hack them, and “as of today, we cannot conclude that the existence of this vulnerability has led to a cybersecurity incident.”

But what exactly happened? According to the cybersecurity company Avast, it is a SQL injection security flaw, which is now under investigation. As Luis Corrons, Avast’s ‘Security Evangelist’, points out, SQL injection attacks are quite common, and “have been used in many attacks over the years. Companies like Sony, Yahoo or LinkedIn have been victims of this type of attack.”

To prevent them, in addition to taking security measures, when configuring and programming the databases, it is essential to carry out periodic audits of the security…


U.S. pharma giant suffers data breach, exposes private data of drug users – The Hindu
