Trending Medical and health breaking news Roundup: Multiple healthcare orgs report cyber attacks

Trending Medical and well being breaking information Roundup: A number of healthcare orgs report cyber assaults

Trending Medical and well being breaking information

[Ed. note: This piece has been updated to include the latest post from CompuGroup Medical.]

CompuGroup Medical, a medical software program vendor, reported that it had been hit with a ransomware assault resulting in what the corporate described as a “technical failure.”  

In a discover posted to its web site on December 20 at 4:50 p.m. Jap Time, the corporate mentioned that the assault affected the supply of some inner providers, comparable to electronic mail and telephones.  

At that time, CompuGroup mentioned it had no indication the assault had impacted buyer techniques or knowledge – some extent it reiterated in a publish the subsequent day.  

By December 22 at 2:30 p.m. Jap time, the corporate mentioned it had made progress in remediating disruptions to providers.   Over the course of the day, mentioned CompuGroup, it had been in a position to arrange emergency phone numbers and alternative electronic mail addresses for buyer help functions.  

Inner techniques have been additionally regularly returning to regular. 

“The overwhelming majority of our buyer techniques are up and working. We proceed to extend our availability for buyer help functions. Our backup infrastructure is working efficiently,” mentioned the corporate in a publish on December 23 at 1:30 p.m. Jap.

“Previously few hours, we now have continued to stabilize our inner techniques. We’re guided by our outlined response plan, which we proceed to work by means of systematically – even through the holidays,” it continued.

On December 27, the corporate reported that its crew members had been in a position to restore “key elements which have been impacted by the assault. In doing so, we proceed to execute our enterprise continuity plans.” It famous that it was totally centered on delivering product updates in a well timed vogue.

“The provision of our buyer techniques and knowledge integrity stay our highest precedence. We proceed to observe all techniques intently and are working with all related authorities,” it mentioned.

Trending Medical and well being breaking information 400K people’ info uncovered in phishing incident  

Monongalia Well being System, and its affiliated hospitals, Monongalia County Common Hospital Firm and Stonewall Jackson Memorial Hospital Firm – collectively generally known as “Mon Well being” – have begun notifying people that their knowledge might have been compromised in a phishing incident earlier this yr.  

A breach report back to the U.S. Division of Well being and Human Providers’ Workplace of Civil Rights mentioned that 398,164 folks had been affected.  

As outlined in a press launch, the West Virginia-based Mon Well being first turned conscious one thing was amiss in late July, when a vendor reported not receiving a fee.   

The well being system then launched an investigation, figuring out that unauthorized people had despatched emails from a Mon Well being contractor’s account in an try to get hold of funds from Mon Well being by means of fraudulent wire transfers.   

Upon the investigation’s conclusion on October 29, Mon Well being discovered that people had gained entry to a number of system electronic mail accounts between Might 10 and August 15.  

“Primarily based on its investigation, Mon Well being believes the aim of the unauthorized entry to the e-mail accounts was to acquire funds from Mon Well being by means of fraudulent wire transfers and to perpetrate an electronic mail phishing scheme, to not entry private info,” mentioned the system in a press release.  

“That mentioned, Mon Well being can’t rule out the chance that emails and attachments within the concerned Mon Well being electronic mail accounts containing affected person, supplier, worker and contractor info might have been accessed because of this incident,” it continued.

After a complete search of the e-mail accounts’ contents, Mon Well being discovered info regarding sufferers and members of Mon Well being’s worker well being plan that included:  

  • Names
  • Medicare Well being Insurance coverage Declare Numbers (which may include Social Safety numbers)
  • Addresses
  • Dates of beginning
  • Affected person account numbers
  • Medical health insurance plan member ID numbers
  • Medical file numbers
  • Dates of service
  • Supplier names
  • Claims info
  • Medical and medical therapy info
  • Standing as a present or former Mon Well being affected person  

“To assist forestall one thing like this from taking place once more, Mon Well being is constant to overview and improve its present safety protocols and practices, together with the implementation of multi-factor authentication for distant entry to its electronic mail system,” mentioned the press launch.  

Trending Medical and well being breaking information A knowledge safety incident in Texas  

Texas ENT, which operates a number of places within the Lone Star State, has additionally reported a significant breach that came about earlier this yr.  

In response to the supplier, the information safety incident – which affected 535,489 people – came about in August 2021.   

The system didn’t uncover that the unauthorized entry had occurred till October 19.  

“With help from a third-party cybersecurity agency, we decided that unauthorized events gained entry to our pc techniques and took copies of Texas ENT information,” mentioned the supplier.  

“We fastidiously reviewed these information and decided they contained affected person names, dates of beginning, medical file numbers, and process codes used for billing functions. A restricted variety of information additionally contained affected person Social Safety numbers,” Texas ENT continued.   

Dangerous actors didn’t, nonetheless, entry the supplier’s digital well being information.  

“To assist forestall one thing like this from taking place once more, we’re additional strengthening our present privateness and data safety program by implementing extra safeguards and technical safety measures to guard and monitor our techniques,” mentioned Texas ENT.  

Kat Jercich is senior editor of Healthcare IT Information.
Twitter: @kjercich
Electronic mail: [email protected]
Healthcare IT Information is a HIMSS Media publication.

Learn Extra

Leave a Comment

Your email address will not be published.