Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label medical records. Show all posts
US
Data Breach medical records Payment Data social engineering attacks UnitedHealth US

UnitedHealth Cyberattack Becomes Largest Health Data Breach in History

 



The recent cyberattack on UnitedHealth has now been confirmed as the biggest health care data breach ever recorded, affecting more than 192 million people, over one-third of the U.S. population.

When news of the incident first broke in 2023, reports estimated around 100 million individuals had been impacted. Updated figures released by the U.S. Department of Health and Human Services now show the scale was nearly twice as large, with 192.7 million people’s personal and medical information exposed.

The stolen data is said to include highly sensitive details such as medical records, diagnoses, test results, treatment information, and insurance identifiers. In addition, Social Security numbers, driver’s license details, billing information, payment data, and claims history were also compromised. The breadth of this information makes the breach especially serious, as it extends beyond health data into financial and personal identity details.

The attack targeted Change Healthcare, a technology subsidiary of UnitedHealth that processes payments for many major health insurance providers. According to congressional testimony earlier this year, hackers gained access to company systems through stolen employee login details. Critically, the system they broke into did not have multi-factor authentication enabled, making it easier to exploit.

The group responsible, known as BlackCat, used ransomware to disrupt claims processing and patient care systems nationwide. UnitedHealth paid a ransom reportedly worth $22 million to secure deletion of the stolen files, but investigators later found the attackers had not honored the agreement. After receiving payment, the group disappeared and shut down its servers.


What this means for individuals

Given the enormous number of people affected, many Americans may find their private information exposed. While there is no way to undo the breach, individuals can take steps to reduce risks.

Experts recommend:

1. Identity protection services: These can alert you to unusual use of your information and often provide insurance against fraud.

2. Stronger device security: Reliable antivirus programs help block malware and often include additional tools such as virtual private networks (VPNs) for safer browsing.

3. Account monitoring: Keep a close eye on bank, insurance, and medical accounts for suspicious activity.

4. Vigilance against scams: Many attackers follow up breaches with phishing emails or fake offers. Do not click links or open attachments from unknown sources, even if they appear official.


It is also important to remain cautious on social media and to avoid offers or messages that appear too good to be true, as these are common tactics in social engineering attacks.

The UnitedHealth incident underscores how cyberattacks on critical infrastructure can have wide-reaching consequences. For the millions affected, awareness and proactive security measures are now essential in limiting further damage.



Read more »
User Privacy
Carolina Anaesthesiology Data Breach Data Leak medical records User Privacy

Carolina Anaesthesiology Firm's Massive Data Breach Impacts Nearly 21,000 Patients

 

Jeremiah Fowler, a security researcher, uncovered a non-password-protected database thought to be owned by Carolina Anaesthesiology PA, a healthcare organisation based in North Carolina. This dataset included several states, had 21,344 records, and was about 7GB in size.

The data included sensitive information such as patient names, physical addresses, phone numbers, and email addresses, as well as insurance coverage details, anaesthesia summaries, diagnoses, family medical histories, and doctor's notes. 

According to the researcher, there were files labelled 'Billing and Compliance Reports', which indicates the sort of data contained. While there is no proof that the database fell into criminal hands, the vulnerability of the unsecured database might expose numerous people to social engineering attacks such as phishing, identity theft, or fraud. 

The dataset included a "detailed analysis and key metrics related to medical billing and healthcare services provided," according to the researcher. However, the healthcare company that was contacted stated that it did not own or manage the database, but that the owner had been notified and that public access was restricted.

It remains unclear whether the information was accessed by a threat actor or a third party; only an internal audit would reveal this, and as far as we know, the content has not appeared on any dark web sites for sale by hackers. The researcher's investigation revealed that the contents of this folder were most likely associated with Atrium Health, a Carolina Anaesthesiology PA partner. 

“Our cyber security team immediately launched an internal investigation upon receiving an email tip in mid-February 2025 about a possible data breach. Our investigation found that Carolina Anesthesiology, P.A., who regularly provides anesthesia services at select facilities, misconfigured the technology service used for billing data, exposing some of their patient data,” Atrium Health responded to the intrusion. 

“We immediately shut down all data feeds to Carolina Anesthesiology and, as a courtesy, notified the regular governing entities. We continue to learn more from the Carolina Anesthesiology team about their plan to notify their patients of this breach. All data feeds remain off until this issue has been satisfactorily addressed.”
Read more »
Stolen Data
Cyberattack Cybersecurity Data Breach health data medical records Personal Information Ransomware Social Security Stolen Data

Sunflower and CCA Suffer Data Breaches, Exposing Hundreds of Thousands of Records

 

Sunflower recently disclosed a cyberattack on its systems, revealing that hackers gained access on December 15 but remained undetected until January 7. 

During this time, sensitive personal and medical data — including names, addresses, dates of birth, Social Security numbers, driver’s license details, medical records, and health insurance information—were compromised. According to its filing with the Maine Attorney General’s Office, the breach impacted 220,968 individuals.

Meanwhile, CCA experienced a similar data breach in July last year. The organization reported that cybercriminals stole extensive patient information, including names, addresses, dates of birth, driver's license numbers, Social Security numbers, diagnoses, lab results, prescriptions, patient ID numbers, and provider details. The breach affected 114,945 individuals, as per its filing with Maine’s Attorney General’s Office.

The Rhysida ransomware group has claimed possession of 7.6TB of Sunflower’s data, including a 3TB SQL database, according to The Register. With the data still listed online, it suggests that either negotiations are ongoing or have collapsed. However, as of now, there is no confirmed evidence of the stolen data being misused on the dark web.

Following these incidents, both organizations have taken steps to strengthen cybersecurity measures to prevent future breaches.
Read more »
medical records
Cancer Patient Cyber Attacks Data Leak London Hospitals medical records

Qilin Attack On London Hospitals Leaves Cancer Patient With No Option

 

The latest figures suggest that nearly 1,500 medical operations have been cancelled at some of London's leading hospitals in the four weeks following Qilin's ransomware attack on pathology services provider Synnovis. But perhaps no one was more severely impacted than Johanna Groothuizen. Hanna, as she goes by, is now without her right breast after having her skin-sparing mastectomy and immediate breast reconstruction surgery swapped with a simple mastectomy at the last minute.

In late 2023, the 36-year-old research culture manager at King's College London—a former health sciences researcher—was diagnosed with HER2-positive breast cancer. It's an aggressive form that requires immediate medical attention as it spreads more quickly and recurs more often. After receiving her diagnosis, Hanna promptly began a course of chemotherapy until she was well enough to undergo what is hoped to be the first and only major surgery to cure the disease. 

She had been informed repeatedly between then and the operation, which was set for June 7—four days after the ransomware attack—that the planned procedure was a skin-sparing mastectomy, allowing surgeons to reconstruct her right breast cosmetically right away.

How the ordeal unfolded, however, was an entire different story. Doctors gave Hanna less than 24 hours to make the difficult decision of accepting a simple mastectomy or postponing a life-changing treatment until Synnovis' systems were back up. The decision was thrust upon her on Thursday afternoon, prior to her Friday surgery. 

This came after she was compelled to track down the medical staff for updates on whether or not the procedure would even take place. Hanna was informed on Tuesday of that week, the day after Qilin's attack, that regardless of the situation, the staff at St Thomas' Hospital in London intended to proceed with the skin-sparing mastectomy as previously agreed. 

Hanna requested details on Thursday, and it was strongly suggested that the procedure would be cancelled. The hospital deemed the reconstruction part of the procedure too dangerous because Synnovis was unable to sustain blood transfusions until its systems were fully operational.

The ransomware attack was difficult for hospitals to deal with. The situation was so serious that blood supplies were running low barely a week after the attack, prompting an urgent need for O-type blood donations. For Hanna, however, this meant having to make a difficult decision between the surgery she wanted and the surgery that would present her the best chance of survival. The mother with two young kids, aged four and two, felt she had no choice but to undergo a routine mastectomy, leaving her with only one breast. 

Qilin's attack on Synnovis, a pathology services partnership involving Synlab, Guy's and St Thomas' NHS Foundation Trust, and King's College Hospital NHS Foundation Trust, occurred about five weeks ago as of this writing. According to the most recent NHS bulletin, service disruption remains evident throughout the region, however some services, such as outpatient appointments, are returning to near-normal levels.
Read more »
Ziv Medical Center
Data Breach Data Leak hospital data Iran-based hacker group Israel Hospital Malek Team medical records Patient Data Ziv Medical Center

Malek Team: Iran-linked Hackers Claim to Leak Medical Records From Israeli Hospital


An alleged Iran-based hacker group has claimed responsibility for stealing thousands of medical records from an Israeli hospital and leaking them on online forums. The stolen data also includes medical information of Israeli soldiers. The hospital – Ziv Medical Center – is situated in the city of Safed, near the border of Syria and Lebanon. 

The hackers claim to have stolen 500GB of medical data dating back to 2022. The 700,000 documents purportedly contained patient medical and personal data, including disease types and prescribed medication.

Last weekend, the hacker group involved in the attack – Malek Team – after attacking the hospital, began releasing documents that included the ones containing data from the Israel Defense Force (IDF) on their Telegram channel.

While the hackers did not disclose when exactly they attacked the hospital, a warning was released last week by the Israeli National Cyber Directorate regarding an incident affecting Ziv Medical Center's computer systems.

The warning read, “The incident has been identified and contained without disrupting or affecting various systems and the operation of the medical center.” Taking precautions, the hospital temporarily took down its email server and some of its computer systems.

The security team has conducted an investigation on the issue, however, findings have yet to be released as of yet to ascertain whether or not there was an information leak. 

Israel’s newspaper The Jerusalem Post reported that this was not the first time Ziv Medical Center has fallen victim to a cyberattack. The hospital had suffered two other cyber incidents in four months. Local media outlets reported that Ziv's systems appeared to have leaked information, which was admitted by both the hospital and the Israeli privacy protection body.

Israeli officials have said that they are pursuing charges against those connected to the incident and have forbidden the use, transfer, or distribution of any information that has been disclosed.

Along with Israeli tech and media organizations, Malek Team also claimed responsibility for cyberattacks on other targets in Israel, such as Ono Academic College, which was previously targeted earlier in October.

In their ventures, the hackers have leaked several data pieces, including videos of university classes and admission interviews with students. Also, scans of victims’ passports and documents have also been released. However, the authenticity of this data has not been confirmed.

Read more »
Subscribe to: Posts (Atom)