Security News

A previously unknown threat actor named Hydrochasma has been targeting shipping and medical laboratories involved in COVID-19 vaccine development and treatments. A characteristic of Hydrochasma attacks is that they rely only on open-source tools and "Living off the land" tactics, leaving no traces that could lead to attribution.

Shipping companies and medical laboratories in Asia have been the subject of a suspected espionage campaign carried out by a never-before-seen threat actor dubbed Hydrochasma. The standout aspects of the campaign is the absence of data exfiltration and custom malware, with the threat actor employing open source tools for intelligence gathering.

Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December. According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical, the security breach happened around December 1, 2022.

Multiple medical groups in the Heritage Provider Network in California have suffered a ransomware attack, exposing sensitive patient information to cybercriminals. The entities collectively issued a notice of data breach at the start of the month and shared a sample letter with the California Attorney General's office earlier this week.

The rising adoption of connected medical devices is accelerating cyberattacks, according to Capterra's Medical IoT Survey of healthcare IT professionals. Medical practices with more than 70% of their devices connected are 24% more likely to experience a cyberattack than practices with 50% or fewer connected devices.

The US federal government is considering several proposals to regulate medical device cybersecurity compliance to counteract the frequent and clinically impactful cyberattacks experienced by healthcare systems across the country. The document provides device manufacturers with guidance on how to approach cybersecurity for device design and associated premarket submissions.

Two recent ransomware attacks against healthcare systems indicate cybercriminals continue to put medical clinics and hospitals firmly in their crosshairs. In a notification to watchdogs last Friday, Pennsylvania's largest primary care group said a "Sophisticated" ransomware crew breached its network security, giving it access to 75,628 individuals' names, addresses and Social Security numbers along with their medical records.

Google on Friday pledged to update its location history system so that visits to medical clinics and similarly sensitive places are automatically deleted. Google keeps a log of its users whereabouts, via its Location History functionality, and provides some controls to delete all or part of those records, or switch it off.

Kaiser Permanente suffered a data breach due to email compromise on April 5 that potentially exposed the medical records of nearly 70,000 patients, the company revealed earlier this month.Attackers gained access to the emails of an employee at Kaiser Foundation Health Plan of Washington that contained "Protected health information," the company revealed in a letter to affected clients on June 3.

In this interview with Help Net Security, Paige Hanson, Chief of Cyber Safety Education at NortonLifeLock, talks about the risks posed by medical ID theft, the repercussions of such criminal activity, and what people as well as organizations can do to protect valuable medical information. Even more worrisome than the possible financial cost of medical identity theft is the potential risk it poses of mingling an identity thief's health information with your own.