University of Maryland Medical System Discovers 250-Device Malware Attack
Dec11

University of Maryland Medical System Discovers 250-Device Malware Attack

In the early hours of Sunday, December 9, 2018, the University of Maryland Medical System discovered an unauthorized individual had succeeded in installing malware on its network. Prompt action was taken to isolate the infected computers to contain the attack. According to a statement issued by UMMS senior VP and chief information officer, Jon P. Burns, most of the devices that were infected with the malware were desktop computers. The prompt action taken by IT staff allowed the infected computers to be quarantined quickly. No files were encrypted and there was no impact on medical services. UMMS should be commended for its rapid response. The attack was detected at 4.30am and by 7am, its networks and devices had been taken offline and affected devices had been quarantined. The majority of its systems were back online and fully functional by Monday morning. The incident highlights just how important it is for healthcare organizations to have an effective incident response plan that can be immediately implemented in the event of a malware attack. UMMS runs medical facilities in more...

Read More
48,000 Patients of Frisco Medical Center Notified of Breach of Payment Information
Dec11

48,000 Patients of Frisco Medical Center Notified of Breach of Payment Information

Baylor Scott & White Medical Center in Frisco, TX, has discovered the payment information of almost 48,000 patients and guarantors may have been compromised. The medical center, which is jointly managed by United Surgical Partners International (USPI) and Baylor Scott & White Health, discovered an issue with the credit card processing system of one of its vendors. The investigation revealed there had been a week-long computer intrusion between September 22 and September 29. Upon discovery of the issue, the medical center informed the vendor and stopped all credit card processing through the vendor’s system. Baylor Scott & White Health did not uncover evidence to suggest any patient/guarantor information had been further disclosed or misused; however, as a precaution, all individuals affected by the incident have been offered one year of complimentary credit monitoring services through TransUnion Interactive. The security breach was limited to the third-party vendor’s system. Hospital information and clinical systems remained secure at all times. No health information...

Read More
DHS/FBI Issue Fresh Alert About SamSam Ransomware
Dec10

DHS/FBI Issue Fresh Alert About SamSam Ransomware

In late November, the Department of Justice indicted two Iranians over the use of SamSam ransomware, but there is unlikely to be any let up in attacks. Due to the high risk of continued SamSam ransomware attacks in the United States, the Department of Homeland Security (DHS) and FBI have issued a fresh alert to critical infrastructure organizations about SamSam ransomware. To date, there have been more than 200 SamSam ransomware attacks, most of which have been on organizations and businesses in the United States. The threat actors behind SamSam ransomware have received approximately $6 million in ransom payments and the attacks have resulted in more than $30 million in financial losses from computer system downtime. The main methods of attack have been the use of the JexBoss Exploit Kit on vulnerable systems, and more recently, the use of Remote Desktop Protocol (RDP) to gain persistent access to systems. Access through RDP is achieved through the purchase of stolen credentials or brute force attacks. Once access is gained, privileges are escalated to gain administrator rights....

Read More
6,450 Prairie Fields Family Medicine Patients Notified About Email-Related Privacy Breach
Dec10

6,450 Prairie Fields Family Medicine Patients Notified About Email-Related Privacy Breach

Prairie Fields Family Medicine in Fremont, NE, is alerting 6,450 patients that some of their protected health information was contained in an unencrypted spreadsheet that was inadvertently sent to the wrong email recipient. The email was sent on October 1, 2018, and the error was discovered the same day. Prairie Fields Family Medicine has made multiple attempts to contact the owner of the email account to ensure the spreadsheet is securely deleted but, so far, no response has been received. The lack of contact has led Prairie Fields Family Medicine to believe the email account is no longer in use and has been abandoned, although the possibility remains that the spreadsheet has been opened and patient information has been compromised. The spreadsheet did not contain any financial data or health information typically contained in medical records. The breach was limited to patients’ first and last names, birth date, telephone number, first language spoken, sex, race, and, for certain patients, primary and secondary health insurer information, including providers’ names and account...

Read More
Vulnerability Identified in Philips HealthSuite Health Android App
Dec07

Vulnerability Identified in Philips HealthSuite Health Android App

The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a medical advisory about a vulnerability that has been identified in the Philips HealthSuite Health Android App. The Philips HealthSuite Health Android App records body measurements and health data to allow users to track activities to help them achieve their health goals. The app is used by individuals in the United States, Netherlands, Germany and the United Kingdom. User data stored by the app is encrypted to prevent unauthorized access; however, a security researcher discovered the method used to encrypt data is too simplistic and does not offer a sufficiently high level of protection. As a result, an attacker with physical access to the app could exploit the vulnerability to gain access to a user’s data. The vulnerability could not be exploited remotely so the risk to users is low. The vulnerability, tracked as CVE-2018-19001, has been assigned a CVSS v3 base score of 3.5. Philips will be releasing a new version of the app in the first quarter of 2019 which will...

Read More