Greatest Healthcare Data Breaches of 2019

Unfortunately, 2019 has been a big year for hackers. From January, cyberattacks have been impacting a countless number of individuals, especially within the Healthcare industry. With it being a big target, we have gathered some of the Greatest Healthcare Data Breaches of 2019.

healt

January 2019: Inmediata Health Group

Due to a misconfigured database, 1.57 million Inmediata Health Group patients had fallen victim to a personal health data breach. Officials found a search engine function that was allowing internal webpages to be indexed, exposing electronic information. To make matters worse, patients who were to be notified of the breach were sent the wrong letters during the process.

February 2019: Columbia Surgical Specialist of Spokane

A ransomware attack impacted 400,000 patients. Information about this breach is very limited, but it has been reported that Columbia Surgical Specialist did not pay the ransom and was able to restore data from backups.

February 2019: UW Medicine

974,000 patients were exposed online for three weeks due to a misconfigured server. This was due to an employee error that allowed internal information to be accessed to the public. However, it was not discovered until a patient conducted a search of their own, coming across their personal files.

March 2019: Wolverine Solutions Group

A ransomware attack compromised a wide range of data from a host of clients, including demographic details and Social Security numbers. It 's not clear exactly how many people were affected, but it has been estimated to be over half a million!

March 2019: Oregon Department of Human Resources

A breach caused by a massive phishing campaign led to 625,000 patients and 2.5 million emails being compromised. Hackers were able to gain access to internal information by sending malicious emails to employees, asking them to provide their user credentials. Information accessed includes case numbers, SSN and PHI.

March 2019: Zoll Services

The personal and medical data of over 277,319 patients was compromised due to a server migration error. Exposed emails were found during a routine server migration. The compromised information includes dates of birth, medical information, SSN and demographic details.

April 2019: Dominion National

A nine-year hack on its servers potentially breached the data of 2.96 million patients. An investigation was prompted after an internal alert exposed unauthorized access to its systems. The unauthorized access was dated back as early as August 2010.

May 2019: American Medical Collection Agency

The AMCA was hacked for eight months, so far affecting up to 12 million patients from Quest Diagnostics. It is still unclear the total number of patients affected since most of the impacted providers are still going under investigation for the breach.

CISAnalysis - June 20, 2022

It’s Monday and time to take a gander at CISA’s Known Exploited Vulnerabilities Catalog.

By Kent Weigle

In: #exploitation

Can Old Vulnerabilities Learn New Tricks?

The public’s favorite government agency, CISA (not the CIA) has recently added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, the living, breathing, exponentially growing list of vulnerabilities that have seen active exploitation in the wild.

By Evan Kling

In: #patching

Nmap Advanced Uses Pt.3: Firewall Evasion

Intro

Today, firewalls are an essential part of almost every IT infrastructure and are being deployed in a myriad of shapes and forms. They usually focus on layers 3 and 4 of the OSI Model (occasionally layer 2). Next-generation Firewalls (NGFW) can also cover layers 5, 6, and 7. With more layers covered, we gain more control, but also spend more computing power.

By Nikola Kundacina

In: #vulnerability