Security News

The Rhysida ransomware gang has claimed responsibility for the massive cyberattack on Prospect Medical Holdings, claiming to have stolen 500,000 social security numbers, corporate documents, and patient records. While PMH did not respond to queries about the security incident, BleepingComputer later learned that the Rhysida ransomware gang was behind the attack.

Accounting giant Deloitte, pizza and birthday party chain Chuck E. Cheese, government contractor Maximus, and the Hallmark Channel are among the latest victims that the Russian ransomware crew Clop claims to have compromised via the MOVEit vulnerability. The biz now joins PwC and Ernst and Young - all three big accounting firms - among the hundreds of organizations compromised by Clop via a security hole in vulnerable deployments of the file-transfer tool MOVEit.

India's tech minister Rajeev Chandrasekhar confirmed "A Telegram Bot was throwing up Co-WIN app details upon entry of phone numbers," but claimed the data came from a previous breach unrelated to Co-WIN. India's Ministry of Health and Family Welfare later denied any breach, writing "It is clarified that all such reports are without any basis and mischievous in nature." "Union Health Ministry has requested the Indian Computer Emergency Response Team to look into this issue and submit a report. In addition, an internal exercise has been initiated to review the existing security measures of Co-WIN," states a Ministerial announcement.

A cancer patient whose nude medical photos and records were posted online after they were stolen by a ransomware gang, has sued her healthcare provider for allowing the "Preventable" and "Seriously damaging" leak. LVHN refused to pay the ransom, and earlier this month BlackCat started leaking patient info, including images of at least two breast cancer patients, naked from the waist up.

Medical device and software maker Zoll Medical says the personal and health information of more than a million people, including patients and employees, may have been stolen by crooks in January. Officials with Zoll, a company owned by Japanese multinational chemical company Asahi Kasei and based in Chelmsford, Massachusetts, said in the letter that there was no indication that the exposed information has been misused.

A previously unknown threat actor named Hydrochasma has been targeting shipping and medical laboratories involved in COVID-19 vaccine development and treatments. A characteristic of Hydrochasma attacks is that they rely only on open-source tools and "Living off the land" tactics, leaving no traces that could lead to attribution.

Shipping companies and medical laboratories in Asia have been the subject of a suspected espionage campaign carried out by a never-before-seen threat actor dubbed Hydrochasma. The standout aspects of the campaign is the absence of data exfiltration and custom malware, with the threat actor employing open source tools for intelligence gathering.

Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December. According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical, the security breach happened around December 1, 2022.

Multiple medical groups in the Heritage Provider Network in California have suffered a ransomware attack, exposing sensitive patient information to cybercriminals. The entities collectively issued a notice of data breach at the start of the month and shared a sample letter with the California Attorney General's office earlier this week.

The rising adoption of connected medical devices is accelerating cyberattacks, according to Capterra's Medical IoT Survey of healthcare IT professionals. Medical practices with more than 70% of their devices connected are 24% more likely to experience a cyberattack than practices with 50% or fewer connected devices.