Infosecurity News
Ascension Ransomware Attack Diverts Ambulances, Delays Appointments
A ransomware attack on US private healthcare provider Ascension has disrupted patient care, with several hospitals currently on diversion
SecurityWeek
FBCS Collection Agency Data Breach Impacts 2.7 Million
Financial Business and Consumer Solutions (FBCS) says the personal information of 2.7 million was impacted in the recent data breach.
The Record
As White House preps new cyber rules for healthcare, Neuberger says backlash is unwarranted
The current cybersecurity situation in the healthcare industry is at least a decade in the making, White House official Anne Neuberger said at the RSA Conference.
The Cyber Express
Ascension Healthcare Hit by Cyberattack: Patients Wait Hours, Chaos Ensues
Ascension, one of the largest nonprofit healthcare systems in the United States, is facing disruptions in clinical operations due to
CyberSecurity Dive
Ascension hit by cybersecurity incident disrupting clinical operations
The major nonprofit health system detected “unusual activity” on some network systems Wednesday.
CyberNews
Ascension Catholic hospitals in midst of possible cyberattack
Non-profit Ascension health systems tells business partners to disconnect from its networks after a suspected cyberattack disrupts operations at facilities across the US.
SecurityWeek
Shields Up: How to Minimize Ransomware Exposure
Organizations must look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response.
The Cyber Express
MedStar Health Reports Data Breach Impacting 183,000 Patients
MedStar Health, a prominent non-profit healthcare provider disclosed a data breach that impacts more than 183,000 patients from its hundreds
SecurityWeek
Brandywine Realty Trust Hit by Ransomware
Philadelphia-based real estate company Brandywine Realty Trust shuts down systems following a ransomware attack.
CSO
DocGo says hackers stole patient data in a recent cyberattack
The attack compromised some healthcare data with no material or financial losses, the company said.
The Record
Catholic health system Ascension warns of disruptions following cyberattack
The nonprofit health provider published a notice saying it discovered unusual activity on network systems and immediately began an investigation.
CSO
Change Healthcare went without cyber insurance before debilitating ransomware attack
Organizations that eschew cyber insurance give up not only financial protection but also advice from the insurer on improving the security of their systems.
SecurityWeek
City of Wichita Shuts Down Network Following Ransomware Attack
The City of Wichita, Kansas, has shut down its network after falling victim to a file-encrypting ransomware attack.
CyberSecurity Dive
Change Healthcare cyberattack: 5 technical takeaways from UnitedHealth CEO’s testimony
Change Healthcare was running on legacy technology, which magnified the ransomware attack’s impact and hampered recovery efforts, Andrew Witty said.
Security Affairs
Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
The Cyber Express
No MFA, Major Consequences: Simple Security Oversight Led to Change Healthcare Data Breach
CEO Andrew Witty testified before Congress on Wednesday, disclosing a significant cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group.
CyberSecurity Dive
Congress grills UnitedHealth CEO over Change cyberattack
Legislators slammed Andrew Witty over the company’s lack of cybersecurity practices and the impact of the breach, which may have compromised the data of a third of Americans.
CSO
UnitedHealth hack may impact a third of US citizens: CEO testimony
Despite paying a $22 million ransom in Bitcoin to regain access to encrypted files, the company cannot confirm whether copies of the data were made or published online.
SecurityWeek
Change Healthcare Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO says
The Change Healthcare cyberattack started when hackers entered a server that lacked a basic form of security: multi-factor authentication.
DarkReading
UnitedHealth Congressional Testimony Reveals Fails
The breach used stolen Citrix credentials for an account with no MFA. Attackers went undetected for days, and Change's backup strategy failed.
Infosecurity News
UnitedHealth CEO Confirms Breach Tied to Stolen Credentials, No MFA
Andrew Witty made the claims in a written testimony submitted before a House subcommittee hearing
Cyber Security News
Hackers Infiltrated 9-days Within UnitedHealth Network Before Ransomware Attack
The cyberattack, which unfolded on the morning of February 21, 2024, was the culmination of a 9-day silent infiltration by the hackers within the UnitedHealth network.
SecurityWeek
UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike
UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee on May 1.
SC Magazine
Senators grill UnitedHealth CEO on Change Healthcare cyberattack
Andrew Witty stuck with the familiar corporate line of providing consumers with two years of credit monitoring.
The Record
UnitedHealth CEO confirms company paid $22 million ransom in heated Senate hearing
CEO Andrew Witty blamed Change Healthcare's legacy technologies and lack of multifactor authentication for the cyberattack, which disrupted the medical industry nationwide.
Ars Technica
Health care giant comes clean about recent hack and paid ransom
Ransomware attack on the $371 billion company hamstrung US prescription market.
CyberSecurity Dive
Change Healthcare, compromised by stolen credentials, did not have MFA turned on
AlphV deployed ransomware nine days after it used access to a Citrix portal on Change’s network to move laterally within systems, CEO Andrew Witty said in testimony prepared for a House subcommittee hearing set for Wednesday.
Bleeping Computer
Change Healthcare hacked using stolen Citrix account with no MFA
UnitedHealth confirms that Change Healthcare's network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company's Citrix remote access service, which did not have multi-factor authentication enabled.
CSO
UnitedHealth hackers exploited Citrix vulnerabilities, CEO to testify
In the written testimony before the House Energy and Commerce Committee, CEO Andrew Witty said after gaining access, the threat actor moved laterally within the systems using sophisticated methods and exfiltrated data.
CyberNews
UnitedHealth hackers exploited Citrix bug, CEO says
The massive hack of UnitedHealth Group’s (UHG) tech subsidiary Change Healthcare was the result of an exploit of the Citrix bug, according to UHG CEO Andrew Witty.
The Record
Congress circles UnitedHealth as effects of ransomware attack continue
UnitedHealth Group CEO Andrew Witty is preparing to testify in two separate congressional hearings about the ransomware attack on the company's Change Healthcare unit.
SC Magazine
Change Healthcare incident caused by compromised Citrix credentialsa
UnitedHealth Group’s CEO Andrew Witty set to testify before Congress tomorrow – security pros say there’s more to the story and it will take several more months of investigation before we know the full kill chain.
DarkReading
Kaiser Insurance Leaks 13.4M Members' Data to Online Advertisers
Tracking code used for keeping tabs on how members navigated through the healthcare giant's online and mobile sites was oversharing a concerning amount of information.
SecurityWeek
Collection Agency FBCS Says Data Breach Exposed Nearly 2 million People
Collection agency FBCS says data breach exposed names, dates of birth, Social Security numbers, and account info on nearly 2 million people.
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Welcome to this week's edition of the Cyber Security News Weekly Round-Up. This issue covers the latest vulnerabilities, cyber attacks, and emerging threats that have been making headlines. Stay informed and stay secure!
The Cyber Express
TCE Cyberwatch: From Ransomware to Deepfakes, This Week’s Top Cybersecurity Threats
This week's TCE Cyberwatch delves into a range of pressing cybersecurity issues impacting the world today. From the rise of
DarkReading
Back from the Brink: UnitedHealth Offers Sobering Post-Attack Update
The company reports most systems are functioning again but that analysis of the data affected will take months to complete.
Infosecurity News
Millions of Americans' Data Potentially Exposed in Change Healthcare
Millions of Americans may be impacted by the Change Healthcare data breach as UnitedHealth confirms exposed data includes personal and health information
CSO
Authentication failure blamed for Change Healthcare ransomware attack
Absence of multi-factor authentication reportedly left a remote access application exposed.
Bleeping Computer
UnitedHealth confirms it paid ransomware gang to stop data leak
The UnitedHealth Group has confirmed that it paid a ransom to cybercriminals to protect sensitive data stolen during the Optum ransomware attack in late February.
SecurityWeek
UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack
UnitedHealth confirms that personal and health information was stolen in a ransomware attack that could cost the company up to $1.6 billion.
CyberSecurity Dive
UnitedHealth admits it paid a ransom in Change Healthcare attack
The insurer also confirmed Monday that more than 20 screenshots of potentially stolen patient data were posted on the dark web for about a week.
CyberNews
Double-extorted Change Healthcare says “a substantial proportion” of Americans exposed
UnitedHealth Group has confirmed that cyberattackers compromised a massive trove of sensitive data from its tech branch Change Healthcare.
Cyber Security News
UnitedHealth Group Ransomware Attack : Hackers Stolen Patients Data
The global American health insurance and services corporation UnitedHealth Group has announced that its health IT subsidiary Change
The Cyber Express
UnitedHealth Confirms Paying Ransom to Secure Patient Data After Change Healthcare Cyberattack
In a bid to safeguard patient data, UnitedHealth Group, a prominent healthcare conglomerate, confirmed that it has paid ransom to
SC Magazine
A 'substantial proportion' of Americans exposed in Change Healthcare cyberattack
Change Healthcare owner UnitedHealth Group acknowledges some customer protected health information leaked on dark web.
The Record
‘Substantial proportion' of US had data stolen during Change Healthcare ransomware attack
UnitedHealth Group said it is likely to take several more months to be able to identify and notify customers and individuals who were impacted in the incident.
The Record
UnitedHealth CEO to testify about ransomware attack
The House Energy and Commerce Subcommittee on Oversight and Investigations will hear from UnitedHealth Group CEO Andrew Witty on May 1.
The Cyber Express
TCE Cyberwatch: A Look at This Week’s Top Cybersecurity Incidents
The digital landscape continues to be a battleground, with cyber threats evolving and attackers targeting an ever-wider range of victims.
Bleeping Computer
The Week in Ransomware - April 19th 2024 - Attacks Ramp Up
While ransomware attacks decreased after the LockBit and BlackCat disruptions, they have once again started to ramp up with other operations filling the void.
The Cyber Express
Cannes Hospital Back to Basics: Pen and Paper Power Healthcare After Cyberattack
Cannes Simone Veil Hospital Center (CHC-SV) is grappling with the aftermath of a cyberattack that struck the hospital on April
CSO
Consolidation blamed for Change Healthcare ransomware attack
United HealthGroup said it has already taken $872 million in dealing with the attack and the disruption it caused.
The Cyber Express
UnitedHealth Beats Earnings Despite $1.6 Billion Cyberattack Hit
UnitedHealth Group disclosed on Tuesday that it anticipates the hack of its Change Healthcare unit to result in expenses of
Bleeping Computer
UnitedHealth: Change Healthcare cyberattack caused $872 million loss
UnitedHealth Group reported an $872 million impact on its Q1 earnings due to the ransomware attack disrupting the U.S. healthcare system since February.
SecurityWeek
Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare
The RansomHub group has started leaking information allegedly stolen from Change Healthcare in February 2024.
CyberSecurity Dive
UnitedHealth expects up to $1.6B hit from Change cyberattack this year
Investors on Tuesday got a clearer picture of the cyberattack's financial fallout on the healthcare juggernaut. Some said it wasn't as bad as they'd feared.
The Record
Ransomware attack has cost UnitedHealth $872 million; total expected to surpass $1 billion
UnitedHealth Group's earnings call captured the financial fallout from the incident on the same day as a congressional hearing into the cyberattack.
SC Magazine
RansomHub says Change Healthcare data now up for sale
The ransomware group posted screenshots of alleged insurer and patient information Monday.
The Record
Over 500 people targeted by Pegasus spyware in Poland, officials say
Prosecutor General Adam Bodnar says an investigation into Pegasus use by current and former government officials has expanded to hundreds more people than initially reported.
The Record
MGM sues to block FTC investigation of its data security
MGM says the FTC's requests are unconstitutional and that agency Chair Lina Khan should recuse herself since she happened to be staying at an MGM hotel at the time of the cyberattack that prompted the probe.
Ars Technica
Change Healthcare faces another ransomware threat—and it looks credible
Hackers already received a $22 million payment. Now a second group demands money.
CyberNews
LockBit bungles attempt to rebrand as DarkVault
The LockBit cybercriminal outfit appears to be planning a ransomware rebrand as the DarkVault, discovered after LockBit seemingly bungled the new website’s design.
The Record
Prominent US senator sees new momentum for healthcare cybersecurity push
As U.S. hospitals struggle to pay their employees amid a cyberattack that knocked out a major payment vendor, a powerful Democratic senator is seizing the moment to push for better security in the sorely vulnerable healthcare sector.
Infosecurity News
Change Healthcare Hit By Cyber Extortion Again
RansomHub has surfaced threatening to expose stolen data unless another ransom is paid
SecurityWeek
Second Ransomware Group Extorting Change Healthcare
RansomHub is extorting Change Healthcare, threatening to release data stolen in a February 2024 BlackCat ransomware attack.
CyberSecurity Dive
Change Healthcare asks to consolidate dozens of cyberattack class-action lawsuits
Lawsuits against the UnitedHealth subsidiary are racking up following a cyberattack against the technology firm in late February.
The Cyber Express
RansomHub Claims Access to Stolen Change Healthcare Data in Apparent ALPHV Affiliate Move
Security researchers recently found a new twist in the ongoing saga of the Change HealthCare data breach. The RansomHub ransomware
SC Magazine
Change Healthcare breach data may be in hands of new ransomware group
RansomHub has threatened to sell 4TB of Change Healthcare data if it is not paid in 12 days.
SecurityWeek
US Offering $10 Million Reward for Information on Change Healthcare Hackers
The US is offering a reward of up to $10 million for information on BlackCat ransomware affiliates that targeted US critical infrastructure.
The Cyber Express
UnitedHealth Group Disburses $3.3 Billion to Providers Affected by Change Healthcare Cyberattack
In the aftermath of the Change Healthcare cyberattack, UnitedHealth Group (the parent organization of Change Healthcare) has disbursed over $3
Infosecurity News
NHS Trust Confirms Clinical Data Leaked by Recognized Ransomware Group
NHS Dumfries and Galloway confirmed that patient clinical data was leaked following the attack on its systems earlier in March 2024
CyberSecurity Dive
CISA issues notice for long-awaited critical infrastructure reporting requirements
CIRCIA will require covered entities to promptly disclose major cyber incidents and ransomware payments.
CyberSecurity Dive
Senior lawmaker questions UnitedHealth over Change cyberattack
Rep. Jamie Raskin, D-Md., said UnitedHealth’s “rapid consolidation and vertical integration” has major consequences for the healthcare sector, including increased control of the health IT market.
CyberSecurity Dive
Hospital groups question HHS about data breach reporting after Change Healthcare attack
In a Thursday letter, the American Hospital Association urged the HHS’ Office of Civil Rights to reduce “duplicative” breach notifications from the cyberattack.
The Record
Senator demands answers from HHS about $7.5 million cyber theft in 2023
Republican Sen. Bill Cassidy wants details from the department in response to a report from earlier this year about a scam involving a grant program.
CyberNews
UnitedHealth's Change to begin processing $14B in medical claims
UnitedHealth Group tech unit Change Healthcare to process $14 billion in medical claims as more services, knocked offline in a February ransom attack, are fully restored.
CyberSecurity Dive
Change Healthcare’s drawn-out recovery catches flak from cyber experts
At least 100 services remain offline four weeks after the UnitedHealth Group detected an intrusion in its medical claims clearinghouse. Experts say the impacts are unprecedented.
CyberSecurity Dive
Change Healthcare cyberattack could damage credit at small providers: Fitch
Smaller companies may already have worse credit ratings and could struggle with cash flow disruptions caused by the outage.
SC Magazine
Change Healthcare ransomware attack disrupting industry nationwide
Caregivers, patients caught in middle as officials work to respond to Change Healthcare incident.
The Cyber Express
UnitedHealth Group Allocates Over $2 Billion for Change Healthcare Data Breach Fallout
The UnitedHealth Group has announced the allocation of over $2 billion in recovery efforts following the Change Healthcare cyberattack that
SecurityWeek
UnitedHealth Says It Has Made Progress on Recovering From Massive Cyberattack
UnitedHealth is testing the last major system it must restore from the Change Healthcare cyberattack, but has no date yet for finishing the recovery.
Infosecurity News
US Government to Investigate Change Healthcare Ransomware Attack
The US government will investigate whether protected healthcare information was breached in the Change Healthcare ransomware attack, and if the firm complied with HIPAA rules
CyberSecurity Dive
Change Healthcare locates ransomware attack vector
Though the UnitedHealth Group subsidiary’s recovery efforts are ongoing, a forensic analysis identified a safe system restoration point.
CyberSecurity Dive
HHS opens investigation into Change Healthcare cyberattack
The Office for Civil Rights will focus on whether protected health information was breached and if UnitedHealth complied with privacy and security requirements.
SecurityWeek
Government Launches Probe Into Change Healthcare Data Breach
The HHS is investigating whether protected health information was compromised in the Change Healthcare data breach.
CyberNews
US gov opens probe into UnitedHealth hack as systems come back online
The US Department of Health and Human Services (HHS) is opening an investigation into the cyberattack on UnitedHealth Group’s health tech subsidiary Change Healthcare.
The Record
Nissan: About 100,000 people in Australia, New Zealand affected by recent cyberattack
The Japanese automaker posted an update about a cyberattack it first reported in December.
Bleeping Computer
US govt probes if ransomware gang stole Change Healthcare data
The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group (UHG) subsidiary Optum, which operates the Change Healthcare platform, in late February.
CyberSecurity Dive
White House meets with UnitedHealth, industry groups on Change Healthcare cyberattack fallout
Officials called on payers to cut red tape and offer financial support to providers, including advanced payments.
The Record
HHS to investigate UnitedHealth and ransomware attack on Change Healthcare
The Department of Health and Human Services' Office for Civil Rights (OCR) said it would look into the incident “given the unprecedented magnitude of this cyberattack, and in the best interest of patients and health care providers.”
CyberNews
White House to UnitedHealth hack CEO: more emergency funds now
White House officials urged UnitedHealth Group CEO Andrew Witty to make more emergency funding available to healthcare providers affected by a hack at its tech unit.
The Cyber Express
BianLian Ransomware Strikes Lindsay Municipal Hospital: Another US Institution Under Attack
The Lindsay Municipal Hospital cyberattack has been claimed by the BianLian ransomware group. This nefarious organization, known for its disruptive
Bleeping Computer
The Week in Ransomware - March 8th 2024 - Waiting for the DarkSide rebrand
We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government.
Bleeping Computer
The Week in Ransomware - March 8th 2024 - Waiting for the BlackCat rebrand
We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government.
Bleeping Computer
UnitedHealth brings some Change Healthcare pharmacy services back online
Optum's Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system.
SecurityWeek
Change Healthcare Restores Pharmacy Services Disrupted by Ransomware
Change Healthcare says it has made significant progress in restoring systems impacted by a recent ransomware attack.
PCMag
UnitedHealth Rebuilds Halted Services Following Ransomware Attack
UnitedHealth has restored pharmacy services and is working to fix 'infected code' in its systems. It aims to bring its claims network back online later this month.
CyberSecurity Dive
Change Healthcare faces potential class action as lawsuits rack up
At least six federal lawsuits seeking class-action status were filed since the cyberattack, alleging the technology firm didn’t have reasonable cybersecurity measures.
Infosecurity News
UnitedHealth Sets Timeline to Restore Change Healthcare Systems
UnitedHealth said it expects Change Healthcare’s key systems to be restored by March 18, amid reports it paid a $22m ransom to BlackCat
Loading more articles....