Tag Archive for: affects

Hack on Defunct Ambulance Firm Affects 912,000 People

/in


Cybercrime
,
Fraud Management & Cybercrime
,
Healthcare

Archived Data Stolen 2 Months After Sale of Business Affects Patients, Employees

Marianne Kolbasuk McGee (HealthInfoSec) •
January 3, 2024    

Hack on Defunct Ambulance Firm Affects 912,000 People
A data theft involving archived records of defunct firm Fallon Ambulance has affected nearly 912,000 patients and employees. (Image: Fallon)

A defunct ambulance company is notifying nearly 912,000 patients and employees that their archived records were compromised in an early 2023 data theft hack. The firm previously provided emergency care in the Boston region and administrative services to affiliated transportation companies.

See Also: JavaScript and Blockchain: Technologies You Can’t Ignore

In a report to Maine’s attorney general on Dec. 29, Transformative Healthcare said its Fallon Ambulance Services subsidiary – which ceased operations in December 2022 – had experienced a hacking incident that was discovered on April 21, 2023, but appears to have started months earlier, extending from Feb. 17 to April 22.

Affected files contained information such as name, address, Social Security number, medical information – including COVID-19 testing or vaccination information – and information provided to Fallon in connection with employment or application for work, Transformative said.

While Fallon was no longer operating, the ambulance firm maintained an archived copy of data previously stored on its computer systems “to comply with legal obligations,” Transformative said in the breach notice.

“While Fallon currently has no…

Source…

Medical Transcription Hack Affects 1.2 Million Chicagoans

/in


Cybercrime
,
Fraud Management & Cybercrime
,
Incident & Breach Response

Cook County Health Says It Is Among the Vendor’s ‘Many’ Clients Affected by Hack

Marianne Kolbasuk McGee (HealthInfoSec) •
November 8, 2023    

Medical Transcription Hack Affects 1.2 Million Chicagoans
Image: Getty

A major healthcare provider in Chicago that targets underserved populations is notifying as many as 1.2 million patients that their information was compromised in a data theft incident at a medical transcription vendor.

See Also: Live Webinar | Generative AI: Myths, Realities and Practical Use Cases

Cook County Health, which operates two public hospitals and more than a dozen community healthcare clinics in Illinois, said it has terminated its relationship with the vendor and that it is among “many” other healthcare organizations affected by the incident.

A breach notice says the hack affected systems of Perry Johnson & Associates, the third-party transcription vendor, where “some” of the hospital system’s patient information was stored.

The data includes names, birthdates, addresses, medical information, and the dates and times of service. Approximately 2,600 of those patient records may also have included Social Security numbers, CCH said.

“CCH is one of many organizations impacted by the PJ&A data security incident. No CCH systems or servers were accessed during this incident,” CCH said. “Upon learning of the data security incident, CCH stopped sharing data with PJ&A, and terminated its relationship with PJ&A,” the county health system said.

The transcription vendor is working with…

Source…

WinRAR Vulnerability Affects Traders Worldwide

/in


Cybersecurity researchers have exposed a zero-day vulnerability (CVE-2023-38831) in the popular WinRAR compression tool, which cyber-criminals have exploited to target traders on specialized forums. 

The exploit allows threat actors to craft ZIP archives that contain malicious payloads, posing a significant risk to traders’ financial assets.

The Group-IB Threat Intelligence unit, while investigating the distribution of DarkMe malware in July 2023, stumbled upon the previously unknown vulnerability in WinRAR’s processing of the ZIP file format. 

According to an advisory published by Andrey Polovinkin, a malware analyst at Group-IB earlier today, cyber-criminals have been using this vulnerability since April 2023 to create ZIP archives containing malware families including DarkMe, GuLoader and Remcos RAT.

Read more on the Remcos malware tool: Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks

Upon discovering this security flaw, Group-IB promptly notified RARLAB, the developers of WinRAR, about the issue. The company collaborated with the researchers and swiftly released a patch to address the vulnerability. MITRE Corporation assigned the vulnerability the marker CVE-2023-38831 on August 15 2023.

The exploit involves tricking users into opening seemingly harmless files, which then launch malicious scripts. Cyber-criminals are leveraging a tactic in which they spoof file extensions to hide the execution of malicious code within files that appear to be images or text documents. Group-IB explained that these malicious archives were posted on various trading forums, infecting at least 130 devices at the time of reporting.

Once infected, the malware provides threat actors unauthorized access to victims’ brokerage accounts, enabling them to withdraw funds. The financial losses incurred due to this vulnerability are still under investigation. Notably, the same vulnerability was reportedly used in the DarkCasino campaign previously described by NSFOCUS researchers.

Group-IB urged users to keep their software updated, exercise caution when dealing with attachments from unknown sources and implement robust security practices such as using password…

Source…

Tampa General Hospital hack affects data of 1.2M patients

/in


Tampa General Hospital says an “unauthorized third party” hacked its computer network in May and obtained personal data — including Social Security numbers — of about 1.2 million patients.

The hospital says it discovered “unusual activity” on its systems on May 31. An investigation determined the hack by a “criminal group” occurred between May 12 and May 30, according to a statement posted Wednesday on its website.

Tampa General, one of the state’s largest hospitals and a Level 1 trauma center, reported the “cybersecurity event” to the FBI.

“We immediately took steps to contain the activity and began an investigation with the assistance of a third-party forensic firm,” the hospital says. “Fortunately, TGH’s monitoring systems and experienced technology professionals effectively prevented encryption, which would have significantly interrupted the hospital’s ability to provide care for patients.”

A review found the stolen patient data varied by individual. The hospital says its “may” have included names, addresses, phone numbers, dates of birth, Social Security numbers, health insurance information, medical record numbers, account numbers, dates of service and limited treatment information used for business operations.

Tampa General says patients who may have been affected will receive notification by mail.

The hospital says complimentary credit monitoring and identity theft protection will be available to patients whose Social Security number was involved.

“Patients are encouraged to review statements from their health insurer and health care providers, and to contact them immediately if they see any services they did not receive,” the hospital says.

The hospital adds that its electronic medical record system was not involved or accessed.

“The hospital is continuously updating and hardening systems to help prevent events such as this from occurring and has implemented additional defensive tools and increased monitoring,” the statement says.

Tampa General is a private nonprofit hospital with more than 1,000 beds. It is also a teaching hospital affiliated with the University of…

Source…