Editor's Note Between 2018 and 2024, ransomware attacks on US healthcare organizations compromised nearly 89 million patient records and resulted in downtime costing an estimated total of $21.9 billion, according to a December 18 report from Comparitech. The report tallies 654 total ransomware incidents during this period targeting hospitals, clinics,…

Read More

Editor's Note Iranian cyber actors employing techniques such as brute force, password spraying, and multifactor authentication (MFA) "push bombing" to compromise healthcare and other critical infrastructure sectors, the American Hospital Association (AHA) reported October 17. The report cites an October 16 joint advisory issued on October 16 by the FBI,…

Read More

Editor's Note Cyberattacks in August 2024 are the latest examples of a specific Iranian group intensifying efforts against US organizations since 2017, Healthcare IT News reported September 3. Citing an advisory issued by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense…

Read More

Editor's Note The Red Cross is reporting a 25-percent drop in its national blood inventory due to hot weather a month after the American Hospital Association (AHA) warned about the impact of cyberattacks on critical supplies at hospitals. According to an August 6 report in The Hill, heat-related challenges have…

Read More

Editor's Note North Korean hackers targeted U.S. hospitals and healthcare systems with ransomware to fund a covert information exfiltration campaign against American military and scientific entities, according to a July 25 report from CBS News. The first attack was a May 2021 ransomware infiltration of a hospital in Kansas. The…

Read More

Editor's Note Qilin, a ransomware group based in Russia, claimed responsibility for a cyberattack against pathology services provider Synnovis that paralyzed London Hospitals and is now requesting $50 million, Becker’s Health IT reported June 20. Citing a report from Bloomberg, the article notes that the attack disrupted services at London-based hospitals…

Read More

Editor's Note Change Healthcare has started to notify health care providers about patient data stolen in the February cyberattack and announced plans to mail affected individuals as well. A unit of UnitedHealth Group, the organization issued the update June 20. “CHC is providing this notice now to help individuals understand…

Read More

Editor's Note Microsoft and Google announced they will offer free or discounted cybersecurity services to rural hospitals in the U.S. to help protect against cyberattacks, CNN reported on June 10. According to the article, Microsoft will provide free security updates, assessments, and staff training, while Google will offer free cybersecurity…

Read More

Editor's Note Doctors are urging the American Medical Association (AMA) to take legal action or otherwise help recoup their losses from the February 21 Cyberattack on Change Healthcare, a division of United HealthGroup. Forbes reported the news June 3. The article cites a a resolution before the AMA’s reference committee on amendments…

Read More

Editor's Note Change Healthcare is responsible for notifying affected parties about privacy breaches resulting from the February cyberattack on the company, The U.S. Department of Health and Human Services (HHS) announced May 31. The announcement took the form of an update to an FAQ webpage from HHS’ Office for Civil…

Read More