Survey Confirms Increase in Phishing and Email Impersonation Attacks
Jun11

Survey Confirms Increase in Phishing and Email Impersonation Attacks

The COVID-19 pandemic has seen an increase in email impersonation attacks on businesses, according to the latest State of Email Security report from Mimecast. In the first 100 days of 2020, email impersonation attacks increased by 30%. The report was based on a survey conducted on behalf of Mimecast by Vanson Bourne on 1,025 IT decision makers in the U.S., UK, Germany, Netherlands, Australia, South Africa, United Arab Emirates (UAE), and Saudi Arabia between February and March 2020, while businesses were battling the COVID-19 pandemic. Mimecast also analyzed more than 1 billion emails screened by the company’s email security solutions. 60% of respondents to the survey reported an increase in email impersonation attacks such as business email compromise (BEC) over the past 12 months. There were an average of 9 email or web spoofing incidents detected by respondents in the past year, although there may be many others that they did not identify. DMARC is important for protecting against email impersonation attacks and preventing brand damage. While 97% of respondents were aware of...

Read More
Fake VPN Alerts Used as Lure in Office 365 Credential Phishing Campaign
Jun05

Fake VPN Alerts Used as Lure in Office 365 Credential Phishing Campaign

A phishing campaign has been identified that uses fake VPN alerts as a lure to get remote workers to divulge their Office 365 credentials. Healthcare providers have increased their telehealth services during the COVID-19 public health emergency in an effort to help prevent the spread of COVID-19 and ensure that healthcare services can continue to be provided to patients who are self-isolating at home. Virtual private networks (VPNs) are used to support telehealth services and provide secure access the network and patient data. Several vulnerabilities have been identified in VPNs which are being exploited by threat actors to gain access to corporate networks to steal sensitive data and deploy malware and ransomware. It is therefore essential for VPN systems to be patched promptly and for VPN clients on employee laptops to be updated. Employees may therefore be used to updating their VPN. Researchers at Abnormal Security have identified a phishing campaign that impersonates a user’s organization and claims there is a problem with the VPN configuration that must be addressed to allow...

Read More
Mobile Phishing Attacks Have Surged During the COVID-19 Health Crisis
Jun03

Mobile Phishing Attacks Have Surged During the COVID-19 Health Crisis

Cybercriminals have changed their tactics, techniques, and procedures during the COVID-19 health crisis and have been targeting remote workers using COVID-19 themed lures in their phishing campaigns. There has also been a sharp increase in the number of phishing attacks targeting users of mobile devices such as smartphones and tablets, according to a recent report from mobile security company Lookout. Globally, mobile phishing attacks on corporate users increased by 37% from Q4, 2019 to the end of Q1, 2020 with an even bigger increase in North America, where mobile phishing attacks increased by 66.3%, according to data obtained from users of Lookout’s mobile security software. Phishers have also been targeting remote workers in specific industry sectors such as healthcare and the financial services. While the sharp increase in mobile phishing attacks has been attributed to the change in working practices due to the COVID-19 pandemic, there has been a steady rise in mobile phishing attacks over the past few quarters. Phishing attacks on mobile device users tend to have a higher...

Read More
Government Healthcare Agencies and COVID-19 Research Organizations Targeted by Nigerian BEC Scammers
May08

Government Healthcare Agencies and COVID-19 Research Organizations Targeted by Nigerian BEC Scammers

Business email compromise scammers operating out of Nigeria have been targeting government healthcare agencies, COVID-19 research organizations, and pandemic response organizations to obtain fraudulent wire transfer payments and spread malware. The attacks were detected by Palo Alto Networks’ Unit 42 team researchers and have been attributed to a cybercriminal organization called SilverTerrier. SilverTerrier actors have been highly active over the past 12 months and are known to have conducted at least 2.1 million BEC attacks since the Unit 42 team started tracking their activity in 2014. In 2019, the group conducted an average of 92,739 attacks per month, with activity peaking in June when 245,637 attacks were conducted. The gang has been observed exploiting the CVE-2017-11882 vulnerability in Microsoft Office to install malware, but most commonly uses spear phishing emails targeting individuals in the finance department. The gang uses standard phishing lures such as fake invoices and payment advice notifications to trick recipients into opening malicious email attachments that...

Read More
PHI of 41,000 Patients Exposed in Aurora Medical Center and UPMC Altoona Phishing Attacks
Apr21

PHI of 41,000 Patients Exposed in Aurora Medical Center and UPMC Altoona Phishing Attacks

Aurora Medical Center-Bay Area in Marinette, WI is notifying 27,137 patients that some of their protected health information has been exposed as a result of a January 1, 2020 phishing attack. Several employees responded to the messages and disclosed their email account credentials, which gave the attackers access to their email accounts. The breach was discovered by the medical center on January 9, 2020. A password reset was immediately performed to prevent any further account access and the security breach was reported to law enforcement. An internal investigation was launched to determine what information was accessed by the attackers, which revealed emails and attachments in the accounts contained the protected health information of patients. Aurora Medical Center has not received any reports indicating there has been any misuse of patient information, but it was not possible to rule out data theft. A review of the emails in the accounts revealed they contained a range of PHI. The information varied from patient to patient and may have included names, first and last names,...

Read More
Beaumont Health Notifies 112,000 Patients About May 2019 Data Breach
Apr20

Beaumont Health Notifies 112,000 Patients About May 2019 Data Breach

Michigan’s largest healthcare system, Beaumont Health, has announced that unauthorized individuals have gained access to the email accounts of some of its employees and potentially viewed or obtained patient information stored in emails and email attachments. On March 29, 2020, Beaumont Health learned that the email account breach, which occurred almost 10 months ago, resulted in the exposure and potential theft of patient information. The investigation of the breach revealed the email accounts were accessed by unauthorized individuals between May 23, 2019 and June 3, 2019. A forensic investigation was performed to determine the extent and scope of the breach, along with a manual review of all emails in the compromised accounts. That review has taken some time to complete, hence the delay in issuing breach notification letters. The breached email accounts were discovered to contain the protected health information of around 5% of its 2.3 million patients, which is around 112,000 individuals. The types of information exposed and potentially stolen varied from patient to patient and...

Read More
Scammers Target Healthcare Buyers Trying to Purchase PPE and Medical Equipment
Apr16

Scammers Target Healthcare Buyers Trying to Purchase PPE and Medical Equipment

The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are attempting to steal money from state agencies and healthcare industry buyers that are trying to purchase personal protective equipment (PPE) and medical supplies. Healthcare industry buyers have been told to be on high alert following a rise in the number of scams related to the procurement of PPE and essential medical equipment such as ventilators, which are in short supply due to increased demand. The FBI has received reports of several cases of advance fee scams, where government agencies and healthcare industry buyers have wired funds to brokers and sellers of PPE and medical equipment, only to discover the suppliers were fake. There have also been several reported cases of business email compromise (BEC) scams related to PPE and medical equipment procurement. In these scams, brokers and vendors of goods and services are impersonated. The scammers use email addresses that are nearly identical to the legitimate broker or seller and request wire transfer payments for the goods and services. The...

Read More
Phishing Attacks Reported by Hartford Healthcare and Saint Francis Ministries
Apr14

Phishing Attacks Reported by Hartford Healthcare and Saint Francis Ministries

The Saint Francis Ministries health system has announced that the email account of one of its employees was accessed by an unauthorized individual, who may have obtained patient information. The breach was identified on December 19, 2019 when suspicious activity was detected in an employee’s email account.  A third-party computer forensics firm was engaged to investigate the breach and determined on February 12, 2020 that the account was subjected to unauthorized access between December 13, 2020 and December 20, 2019. It was not possible to tell if the attacker accessed emails containing patient information or downloaded any email data, but no reports have been received to suggest any patient information has been misused. A review of the affected accounts was completed on March 24, 2020 which revealed that the following information was potentially compromised: Name, date of birth, Social Security number, driver’s license number, state ID number, bank/financial account number, credit or debit card number, diagnosis, treatment information, prescription information, provider name,...

Read More
FBI Warns of Increase in COVID-19 Related Business Email Compromise Scams
Apr08

FBI Warns of Increase in COVID-19 Related Business Email Compromise Scams

The Federal Bureau of Investigation has issued a warning following a rise in Business Email Compromise (BEC) attacks that are taking advantage of uncertainty surrounding the COVID-19 pandemic. BEC is the term given to an attempt to fool individuals responsible for performing legitimate transfers of funds into sending money to a bank account controlled by the attacker. This is achieved by impersonating an individual within a company that the victim usually conducts business with. A typical attack scenario will see an email sent to an individual in the finance department requesting a change to bank account information for an upcoming payment. Several attacks have recently been reported to the FBI’s Internet Crime Complaint Center (IC3) that have a COVID-19 theme and municipalities are being targeted that are purchasing personal protective equipment (PPE) and other essential supplies to use in the fight against COVID-19. In the alert, the FBI offered two recent examples of COVID-19 BEC scams. The first involved a scammer impersonating the CEO of a company and requesting that a...

Read More
PHI Exposed in Phishing Attacks on Healthcare Resource Group and Confido
Apr08

PHI Exposed in Phishing Attacks on Healthcare Resource Group and Confido

The pharmacy benefits consulting firm Confido has started notifying 3,600 of its clients’ employees, members, and their dependents, that some of their personal information has potentially been accessed by an unauthorized individual who gained access to an employee’s email account. The email account breach was detected on December 12, 2020 and an investigation was launched to determine the scale and scope of the breach. Assisted by a third-party security firm, Confido determined on January 17, 2020 that an unauthorized individual had access to the email account for a period of two weeks between November 29, 2019 and December 12, 2019. It was not possible to determine if information in the email account was downloaded, but the possibility could not be ruled out. A comprehensive review of the email account revealed it contained names, dates of birth, health insurance information, Social Security numbers, prescription information, treatment information, and clinical information such as diagnoses and provider names. Individuals affected by the breach were notified on February 10, 2020....

Read More
2019 Novel Coronavirus and COVID-19 Themed Attacks Dominate Threat Landscape
Apr06

2019 Novel Coronavirus and COVID-19 Themed Attacks Dominate Threat Landscape

Cybercriminals are now almost exclusively conducting 2019 Novel Coronavirus and COVID-19 themed-campaigns according to a new report published by Proofpoint. 80% of all threats identified by the firm are coronavirus or COVID-19 related. The recent analysis was performed on more than half a million email messages, 300,000 malicious URLs, and over 200,000 malicious email attachments. Proofpoint researchers identified more than 140 phishing and malware distribution campaigns and report that the number of active campaigns continues to rise. The coronavirus theme spans virtually every possible threat, with COVID-19 campaigns being conducted by small players to the most prolific APT groups. The email campaigns are diverse and frequently change and Proofpoint researchers believe the diverse nature of attacks will continue and attacks will likely increase. A report from Check Point tells a similar story. In mid-February, Check Point was seeing a few hundred coronavirus-themed malware attacks a day, but by late March the average number of attacks had increased to 2,600 a day with 5,000...

Read More
OCR Investigators Impersonated to Obtain PHI
Apr06

OCR Investigators Impersonated to Obtain PHI

While the majority of social engineering and phishing attacks take place via email, social engineering tactics are also used to convince people to part with sensitive information via other communication channels, including the telephone. Once such campaign is now being conducted over the telephone to convince healthcare employees to divulge protected health information (PHI). An individual claiming to be a HHS’ Office for Civil Rights investigator is calling healthcare providers to obtain the PHI of patients. The scam prompted OCR to issue a warning to healthcare providers over the weekend. The caller provides no information that can be used to verify the legitimacy of the call and an OCR compliant transaction number is not provided. OCR has recommended healthcare providers and their business associates raise awareness of the scam with the workforce and to provide information on the correct course of action to take if such a call is received. Healthcare employees should take steps to verify the identity that any caller requesting PHI. If a call from someone claiming to be an OCR...

Read More
35,800 Patients of The Otis R. Bowen Center for Human Services Notified About Email Security Breach
Apr03

35,800 Patients of The Otis R. Bowen Center for Human Services Notified About Email Security Breach

The Otis R. Bowen Center for Human Services, an Indiana-based provider of mental health and addiction recovery healthcare services, has announced that unauthorized individuals have gained access to the email accounts of two of its employees. It is unclear when the email account breaches occurred and for how long unauthorized individuals had access to the email accounts. In its website substitute breach notification, The Otis R. Bowen Center said an independent digital forensic investigation revealed on January 28, 2020 that PHI had potentially been accessed as a result of the attack. The review of the accounts has now been completed to determine which patients have been affected and those individuals have been individually notified by main. No mention was made about the types of information that were potentially compromised. The Otis R. Bowen Center said the investigation did not uncover any evidence to suggest that any PHI had been misused as a result of the breach but, out of an abundance of caution, affected individuals have been offered complimentary membership to credit...

Read More
February 2020 Healthcare Data Breach Report
Mar24

February 2020 Healthcare Data Breach Report

There were 39 reported healthcare data breaches of 500 or more records in February and 1,531,855 records were breached, which represents a 21.9% month-over-month increase in data breaches and a 231% increase in breached records. More records were breached in February than in the past three months combined. In February, the average breach size was 39,278 records and the mean breach size was 3,335 records. Largest Healthcare Data Breaches in February 2020 The largest healthcare data breach was reported by the health plan, Health Share of Oregon. An unencrypted laptop computer containing the records of 654,362 plan members was stolen from its transportation vendor in an office break in. The second largest breach was a ransomware attack on the accounting firm BST & Co. CPAs which saw client records encrypted, including those of the New York medical group, Community Care Physicians. Aside from the network server breach at SOLO Laboratories, the cause of which has not been determined, the remaining 7 breaches in the top 10 were all email security incidents. Name of Covered Entity...

Read More
Phishing Attacks Reported by University of Utah Health, Oregon DHS, and LifeSprk
Mar23

Phishing Attacks Reported by University of Utah Health, Oregon DHS, and LifeSprk

The Minnesota-based senior care provider LifeSprk is notifying 9,000 of its clients that some of their protected health information was potentially compromised as a result of a November 2019 phishing attack. On January 17, 2020, Lifesprk discovered an unauthorized individual had gained access to the email account of one of its employees. The account was immediately secured and a third-party cybersecurity firm was engaged to investigate the breach. The cybersecurity firm determined that a limited number of employee email accounts were compromised from November 5 through November 7, 2019. For the majority of affected individuals, information in the compromised accounts was limited to names, medical record numbers, health insurance information, and some health information. Certain patients also had financial information and/or their Social Security number exposed. The investigation into the breach is ongoing. To date, no evidence of data theft or misuse of protected health information has been found. Affected patients started to be notified on March 17, 2020. The delay in sending...

Read More
Roundup of Recent Healthcare Data Breaches
Mar20

Roundup of Recent Healthcare Data Breaches

A roundup of healthcare data breaches and security incidents recently reported to the HHS’ Office for Civil Rights and by media. Texas Network of Walk-in Clinics Attacked with Maze Ransomware AffordaCare Urgent Care Clinic, a network of walk-in clinics in Texas, has been attacked by the Maze ransomware gang. According to a recent report on DataBreaches.net, the hackers stole 40GB of data prior to encrypting files. Some of the stolen data was published online when AffordaCare refused to pay the ransom. The published data included patient contact details, medical histories, diagnoses, billing information, health insurance information, and employee payroll data. It is currently unclear how many patients have been affected as the breach has not yet appeared on the HHS’ Office for Civil Rights breach portal. Tandem Diabetes Care Patients Notified About Phishing Attack Tandem Diabetes Care, Inc. in San Diego, CA has been targeted by cybercriminals who gained access to the email accounts of a limited number of its employees between January 17, 2020 and January 20, 2020. The attack was...

Read More
90% of Healthcare Organizations Have Experienced an Email-Based Attack in the Past Year
Mar12

90% of Healthcare Organizations Have Experienced an Email-Based Attack in the Past Year

A recently published study conducted by HIMSS Media on behalf of Mimecast has revealed 90% of healthcare organizations have experienced at least one email-based threat in the past 12 months. 72% have experienced downtime as a result and one in four said the attacks were very or extremely disruptive. Healthcare organizations are a major target for cybercriminals. They hold large quantities of personal and health information that can be used for many fraudulent purposes, email-based attacks are easy to perform and require little technical skill, and they often give a high return on investment. Healthcare email security defenses also lag behind other industry sectors and security awareness training is often overlooked. The study was conducted in November 2019 on 101 individuals that had significant involvement with email security at hospitals and health systems in the United States. 3 out of 4 respondents said they have or are in the process of rolling out a comprehensive cyber resilience program, but only 56% of respondents said they already have such a strategy in place. When asked...

Read More
Healthcare and Pharma Companies Targeted in HIV Test Phishing Campaign
Mar11

Healthcare and Pharma Companies Targeted in HIV Test Phishing Campaign

Researchers at Proofpoint have identified a new phishing campaign targeting healthcare providers, insurance firms and pharmaceutical companies. The intercepted emails impersonate Vanderbilt University Medical Center and claim to include the results of a recent HIV test. The emails have the subject line “Test result of medical analysis” and include an Excel spreadsheet attachment – named TestResult.xlsb – which the recipient must open to view the HIV test results. When the spreadsheet is opened, the user is advised the data is protected. To view the test result it is necessary to enable content. If content is enabled and macros are allowed to run, malware will be downloaded onto the user’s computer. This is a relatively small-scale campaign being used to distribute the Koadic RAT, a program used by network defenders and pen testers to take control of a system. According to Proofpoint, Koadic is popular with nation state-backed hacking groups in Russia, China, and Iran. Koadic allows attackers to take control of a computer, install and run programs, and steal sensitive...

Read More
Q3, 2019 Saw a 350% Increase in Ransomware Attacks on Healthcare Providers
Mar10

Q3, 2019 Saw a 350% Increase in Ransomware Attacks on Healthcare Providers

Ransomware attacks on healthcare providers increased by 350% in Q4, 2019, according to a recently published report from Corvus. The attacks show no sign of letting up in 2020. Already in 2020 attacks have been reported by NRC Health, Jordan Health, Pediatric Physician’s Organization at Children’s, and the accounting firm BST & Co., which affected the medical group Community Care Physicians. To identify ransomware trends in healthcare, Corvus’s Data Science team studied ransomware attacks on healthcare organizations since Q1, 2017. Between Q1, 2017 and Q2, 2019, an average of 2.1 ransomware attacks were reported by healthcare organizations each quarter. In Q3, 2019, 7 attacks were reported, and 9 attacks were reported in Q4, 2019. Corvus identified more than two dozen ransomware attacks on U.S. healthcare organizations in 2019 and predicts there will be at least 12 ransomware attacks on healthcare organizations in Q1, 2020. Reports from other cybersecurity firms similarly show an increase in ransomware attacks on healthcare providers in the second half of the year. One report...

Read More
53% of Healthcare Organizations Have Experienced a PHI Breach in the Past 12 Months
Mar09

53% of Healthcare Organizations Have Experienced a PHI Breach in the Past 12 Months

The 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses Report from Keeper Security shows approximately two thirds of healthcare organizations have experienced a data breach in the past, and 53% have experienced a breach of protected health information in the past 12 months. The survey was conducted by the Ponemon Institute on 2,391 IT and IT security professionals in the United States, United Kingdom, DACH, Benelux, and Scandinavia, including 219 respondents from the healthcare industry. Keeper Security reports indicates the average healthcare data breach results in the exposure of more than 7,200 confidential records and the average cost of a healthcare data breach is $1.8 million, including the cost of disruption to normal operations. The most common causes of healthcare data breaches are phishing attacks (68%), malware infections (41%), and web-based attacks (40%). Healthcare data breaches have increased considerably in the past few years. Even though there is a high risk of an attack, healthcare organizations do not feel that they are well prepared. Only...

Read More
New Report Reveals the Brands Most Impersonated by Phishers
Feb25

New Report Reveals the Brands Most Impersonated by Phishers

A new report from Vade Secure has revealed the top 25 most impersonated brands in phishing attacks. The Q4, 2019 Phishers’ Favorite report confirmed PayPal is still the brand most commonly impersonated in phishing attacks, with 11,392 detected phishing URLs in Q4. This is the second successive quarter that PayPal has topped the list. PayPal phishing URL detections are up 23% year-over-year and new PayPal phishing URLs are now being detected at a rate of 124 a day. There was an increase in phishing URL detections impersonating Facebook, which saw the social media giant leapfrog Microsoft (3rd) and Netflix (4th) into 2nd place. Facebook phishing URL detections are up 358.8% on Q4, 2018. Microsoft may be in third place overall, but it is the most commonly impersonated brand in corporate phishing attacks. Microsoft now has more than 200 million active Office 365 business users and those users are targeted to gain access to their Office 365 credentials. Office 365 accounts can contain a wealth of sensitive information and can be used to conduct spear phishing attacks on partners and...

Read More
Slew of Email Security Breaches Reported by Healthcare Organizations
Feb10

Slew of Email Security Breaches Reported by Healthcare Organizations

A further 5 healthcare data breaches of 500 or more records have recently been reported by HIPAA-covered entities and their business associates. Email Account Breach Reported by Shields Health Solutions Shields Health Solutions, a Stoughton, MA-based provider of specialty pharmacy services to hospitals and other covered entities, has discovered an unauthorized individual gained access to the email account of an employee and potentially viewed/copied protected health information. Suspicious activity was detected in the email account of an employee on October 24, 2019. Assisted by a cybersecurity firm, Shields Health Solutions determined an unauthorized individual accessed the account between October 22 and October 24, 2019. The breach was confined to a single email account. The email account contained messages and attachments that included patient names, dates of birth, medical record numbers, provider names, clinical information, prescription information, insurer names, and limited claims information. No evidence was uncovered that suggests patient information was accessed or...

Read More
65% of U.S. Organizations Experienced a Successful Phishing Attack in 2019
Jan28

65% of U.S. Organizations Experienced a Successful Phishing Attack in 2019

The 2020 State of the Phish report from the cybersecurity firm Proofpoint shows 65% of U.S. organizations (55% globally) had to deal with at least one successful phishing attack in 2019. For the report, Proofpoint drew data from a third-party survey of 3,500 working adults in the United States, United Kingdom, Australia, France, Germany, Japan, Spain along with a survey of 600 IT security professionals in those countries. Data was also taken from 9 million suspicious emails reported by its customers and more than 50 million simulated phishing emails in the past year. Infosec professionals believe the number of phishing attacks remained the same or declined in 2019 compared to the previous year. This confirms what may cybersecurity firms have found: Phishing tactics are changing. Cybercriminals are now focusing on quality over quantity. Standard phishing may have declined, but spear phishing attacks are more common. 88% of organizations said they faced spear phishing attacks in 2019 and 86% said they faced business email compromise (BEC) attacks. Phishing attacks are most commonly...

Read More
Nearly 200,000 Patients Impacted by PIH Health Phishing Attack
Jan24

Nearly 200,000 Patients Impacted by PIH Health Phishing Attack

PIH Health, a 2-hospital nonprofit healthcare network based in Whittier, CA, has started notifying nearly 200,000 patients about a potential breach of their personal and protected health information in June 2019. On June 18, 2019, PIH Health discovered the email accounts of certain employees had been accessed by unauthorized individuals as a result of a targeted phishing attack on its employees. The email accounts were immediately secured and an investigation was launched to determine the nature and extent of the breach. PIH Health engaged leading cybersecurity experts to assist with the investigation and was notified on October 2, 2019, that the email accounts were subject to unauthorized access between June 11, 2019 and June 18, 2019. The email accounts were then reviewed by the same cybersecurity experts to determine whether they contained any patient information. The review was completed on November 12, 2019. PIH Health then attempted to obtain up to date contact information for current and former patients affected by the breach. Notifications were sent by mail to those...

Read More
CISA Issues Warning About Increase in Emotet Malware Attacks
Jan23

CISA Issues Warning About Increase in Emotet Malware Attacks

A warning has been issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) about a recent increase in Emotet malware attacks. Emotet was first detected in 2014 and was initially developed to steal banking credentials, but it has seen considerable development over the past five years and is now is a highly sophisticated Trojan. In addition to stealing banking credentials, Emotet can steal passwords stored in web browsers and the credentials files of external drives. Modules have been added that allow it to propagate via email and download other malware variants. The malware has been used to infect devices with cryptocurrency miners and cryptowallet stealers, the TrickBot banking Trojan, and Ryuk ransomware. These additional payloads are often downloaded weeks, months, or even years after the initial Emotet infection. Emotet malware is primarily delivered via spam email. Initially, the malware was spread by JavaScript attachments; however, the threat actors behind the malware have now switched to Office documents with malicious macros that run PowerShell commands...

Read More
TitanHQ and Pax8 Partnership Announced
Jan22

TitanHQ and Pax8 Partnership Announced

Pax8 partners can now benefit from two new cybersecurity solutions thanks to a new partnership with TitanHQ. Pax8 is a born in the cloud distributor that connects the channel ecosystem to its award-winning transactional cloud marketplace. Pax8 helps its partners achieve more in the cloud through productivity, infrastructure, continuity, and security solutions. The company is one of the fastest growing in the world and has been placed at number 60 in the 2019 Inc. 5000 list and is a true leader in the cloud. Pax8 greatly simplifies the cloud for managed service providers and allows them to easily find, purchase, and implement cloud-based solutions from leading vendors. Two areas where Pax8 partners required greater choice were email and web security. Options have now been increased in both areas thanks to the new partnership with TitanHQ. TitanHQ is the leading provider of cloud-based email and web security solutions for MSPs serving the SMB market. Under the new partnership agreement, Pax8 partners can now protect their and their client’s networks with TitanHQ’s multi-award-winning...

Read More
Phishing Attack Reported by Adventist Health Sonora
Jan20

Phishing Attack Reported by Adventist Health Sonora

Adventist Health Sonora in California has discovered an unauthorized individual has gained access to the email account of a hospital associate and potentially viewed patient information. The email account breach was detected by Adventist Health Sonora’s information security team on September 30, 2019. Immediate action was taken to secure the compromised Office 365 account and an investigation was launched to determine the extent of the breach. The investigation confirmed that access to the Office 365 account was gained following a response to a phishing email and that it was an isolated incident. No other email accounts or systems were affected. The purpose of the attack appears to have been to redirect invoice payments and defraud the hospital and its vendors, rather than to obtain sensitive patient information. According to Adventist Health Sonora, a comprehensive review of the affected account revealed on October 14, 2019 that the account contained the protected health information of 2,653 patients. The types of information exposed included names, dates of birth, medical record...

Read More
Quest Health Systems Discovers Additional Patients Impacted by 2018 Phishing Attack
Jan17

Quest Health Systems Discovers Additional Patients Impacted by 2018 Phishing Attack

Health Quest, now part of Nuvance Health, has discovered the phishing attack it experienced in July 2018 was more extensive than previously thought. Several employees were tricked into disclosing their email credentials by phishing emails, which allowed unauthorized individuals to access their accounts. A leading cybersecurity firm was engaged to assist with the investigation and determine whether any patient information had been compromised. In May 2019, Quest Health learned that the protected health information of 28,910 patients was contained in emails and attachments in the affected accounts and notification letters were sent to those individuals. The compromised accounts contained patient names, contact information, claims information, and some health data. A secondary investigation of the breach revealed on October 25, 2019 that another employee’s email account was compromised which contained protected health information. According to the substitute breach notification on the Quest Health website, the compromised information varied from patient to patient, but may have...

Read More
44,000 Patients Impacted by Phishing Attacks on InterMed and Spectrum Healthcare Partners
Jan17

44,000 Patients Impacted by Phishing Attacks on InterMed and Spectrum Healthcare Partners

The Portland, ME-based healthcare provider InterMed is notifying 33,000 patients that some of their protected health information has potentially been compromised as a result of a phishing attack. The attack was detected on September 6, 2019. An internal investigation confirmed that the account was compromised on September 4 and the attackers had access to the account until September 6, 2019. A leading national computer forensic firm was engaged to investigate the breach and discovered a further three email accounts had also been compromised between September 7 and September 10, 2019. A comprehensive review of the affected email accounts was conducted but it was not possible to determine what emails or attachments, if any, had been viewed by the attackers. The types of information in the compromised accounts varied from patient to patient and may have included patients’ names, dates of birth, health insurance information, and some clinical information. A “very limited” number of patients also had their Social Security number exposed. InterMed started mailing breach notification...

Read More
Phishing Attack on SouthEast Eye Specialist Group Impacts 13,000 Patients
Jan16

Phishing Attack on SouthEast Eye Specialist Group Impacts 13,000 Patients

SouthEast Eye Specialist (SEES) Group in Franklin, TN, is notifying 13,000 patients that some of their protected health information has been exposed as a result of a recent phishing attack. It is unclear from the SEES Group’s substitute breach notice when the phishing attack occurred, but on November 1, 2019, SEES Group determined patient information was contained in email accounts that were accessed by unknown individuals. The breach was discovered when the IT department identified suspicious activity in some employee email accounts. A third-party computer forensics company was retained to assist with the investigation and determine whether any emails or email attachments containing patient information had been viewed or copied by the attackers. The investigation uncovered no evidence to suggest that patient information was viewed or obtained by unauthorized individuals, but it was not possible to rule out the possibility that patient information had been compromised. A painstaking analysis of all emails in the affected accounts revealed they contained information on patients...

Read More
Alomere Health Phishing Attack Impacts 49,351 Patients
Jan09

Alomere Health Phishing Attack Impacts 49,351 Patients

Alomere Health in Alexandria, MN is notifying almost 50,000 patients that some of their protected health information was potentially accessed by unauthorized individuals as a result of a phishing attack. Alomere Health learned about the phishing attack on November 6, 2019 and launched an internal investigation which confirmed the account was accessed by an unauthorized individual between October 31 and November 1, 2019. A computer forensics company was engaged to assist with the investigation and discovered on November 10, 2019 that a second email account had been breached on November 6. A comprehensive review of the compromised accounts revealed some emails and email attachments contained protected health information. The types of information potentially compromised in the attack varied from patient to patient and may have included the following data elements: Names, addresses, dates of birth, medical record numbers, health insurance information, treatment information, and/or diagnosis information. A limited number of Social Security numbers and driver’s license numbers were also...

Read More
Second Lawsuit Filed Against Kalispell Regional Healthcare Over Phishing Attack
Jan03

Second Lawsuit Filed Against Kalispell Regional Healthcare Over Phishing Attack

A second lawsuit has been filed against Kalispell Regional Healthcare in Montana over a May 2019 phishing attack that saw the email accounts of some of its employees accessed by cybercriminals. Kalispell Regional Healthcare learned about the breach on August 28, 2019. The investigation revealed the hackers gained access to employee email accounts on May 24, 2019 and potentially accessed patient information. A forensic investigation revealed the accounts contained the protected health information of as many as 140,209 patients. According to Kalispell Regional Healthcare’s substitute breach notification on its website, the following information was compromised in the breach: Names, addresses, email addresses, telephone numbers, dates of service, treatment information, health insurance information, treating and referring physicians’ names, and medical bill account numbers. Kalispell Regional Healthcare said 250 or fewer patients had their Social Security number exposed. Patients affected by the breach were offered complimentary credit monitoring and identity theft protection services...

Read More
Email Security Breaches Reported by Conway Medical Center and Equinox Inc.
Dec19

Email Security Breaches Reported by Conway Medical Center and Equinox Inc.

The email accounts of several employees of Conway Medical Center in South Carolina have been accessed by unauthorized individuals. The phishing attack was detected on October 7, 2019 and affected email accounts were immediately secured to prevent further unauthorized access. External cybersecurity experts were engaged to investigate the breach and determine whether patient information had been viewed or acquired. The investigators determined that the first email accounts were compromised in or before July 2019. It took until November 20, 2019 for the investigators to confirm that the protected health information of patients had been exposed as each email had to be checked to determine whether it contained PHI and if it had been accessed. That was largely a manual process. The way the email accounts were accessed meant emails may have synchronized with the attacker’s computer and could have been automatically downloaded. Those emails contained names, addresses, Social Security numbers, dates of birth, phone numbers, dates of admission, discharge dates, CMC account numbers, amount...

Read More
SpamTitan Top Rated AntiSpam Solution on Business Software Review Sites
Dec16

SpamTitan Top Rated AntiSpam Solution on Business Software Review Sites

The 2018 Verizon Data Breach Investigations Report showed phishing to be the primary method used by cybercriminals to infect healthcare networks with malware and steal financial information. Email was the attack vector in 96% of healthcare data breaches according to the report. All it takes is for one employee to respond to a phishing email for a data breach to occur, so it is essential for a powerful email security solution to be deployed that will catch phishing emails, malware, ransomware, and other email-based threats. Email security solutions can vary considerably from company to company. Some may be excellent at blocking email threats but can be difficult to use, others may fall short at detecting zero-day threats, and some fail to block many spam and phishing emails. All of the companies offering email security solutions claim that their products provide excellent protection, so selecting the best solution for your organization can be a challenge. Making the wrong decision can be a costly mistake. When choosing an email security solution, third party review sites are a...

Read More
Phishing Attacks Reported by Sunrise Community Health and Katherine Shaw Bethea Hospital
Dec11

Phishing Attacks Reported by Sunrise Community Health and Katherine Shaw Bethea Hospital

Evans, CO-based Sunrise Community Health has discovered the email accounts of several employees were compromised as a result of employees responding to phishing emails. The email accounts were accessed by unauthorized individuals between September 11, 2019 and November 22, 2019. Assisted by third party computer forensics experts, Sunrise Community Health determined on November 5, 2019 that the compromised email accounts contained the protected health information of certain patients. The types of data present in the email accounts varied from patient to patient and may have included names, dates of birth, Sunrise patient ID numbers, Sunrise provider names, dates of service, types of clinical examinations performed, the results of those examinations, diagnoses, medication names, and names of health insurance carriers. Sunrise Community Health does not believe the aim of the attack was to obtain patient information, but the possibility of unauthorized data access and data theft could not be ruled out. The attackers appeared to be targeting invoice and payroll information. The...

Read More
Microsoft Issues Advice on Defending Against Spear Phishing Attacks
Dec06

Microsoft Issues Advice on Defending Against Spear Phishing Attacks

Cybercriminals conduct phishing attacks by sending millions of messages randomly in the hope of getting a few responses, but more targeted attacks can be far more profitable. There has been an increase in these targeted attacks, which are often referred to as spear phishing. Spear phishing attacks have doubled in the past year according to figures from Microsoft. Between September 2018 and September 2019, spear phishing attacks increased from 0.31% of email volume to 0.62%. The volume may seem low, but these campaigns are laser-focused on specific employees and they are often very affective. The emails are difficult even for security conscious employees to recognize and many executives, and even IT and cybersecurity staff, fall for these campaigns. The emails are tailored to a specific individual or small group of individuals in a company, they are often addressed to that individual by name, appear to come from a trusted individual, and often lack the signs of a phishing emails present in more general phishing campaigns. These attacks are more profitable as some credentials are...

Read More
Healthcare Threat Detections Up 45% in Q3 and 60% Higher Than 2018
Dec04

Healthcare Threat Detections Up 45% in Q3 and 60% Higher Than 2018

Cyberattacks on healthcare organizations have increased in frequency and severity in the past year, according to recently published research from Malwarebytes. In its latest report – Cybercrime Tactics and Techniques: The 2019 State of Healthcare – Malwarebytes offers insights into the main threats that have plagued the healthcare industry over the past year and explains how hackers are penetrating the defenses of healthcare organizations to gain access to sensitive healthcare data. Cyberattacks on healthcare organizations can have severe consequences. As we have seen on several occasions this year, attacks can cause severe disruption to day to day operations at hospitals often resulting in delays in healthcare provision. In at least two cases, cyberattacks have resulted in healthcare organizations permanently closing their doors and a recent study has shown that cyberattacks contribute to an increase in heart attack mortality rates. Even though the attacks can cause considerable harm to patients, attacks are increasing in frequency and severity. Malwarebytes data shows the...

Read More
October 2019 Healthcare Data Breach Report
Nov25

October 2019 Healthcare Data Breach Report

There was a 44.44% month-over-month increase in healthcare data breaches in October. 52 breaches were reported to the HHS’ Office for Civil Rights in October. 661,830 healthcare records were reported as exposed, impermissibly disclosed, or stolen in those breaches. This month takes the total number of breached healthcare records in 2019 past the 38 million mark. That equates to 11.64% of the population of the United States. Largest Healthcare Data Breaches in October 2019 Breached Entity Entity Type Individuals Affected Type of Breach Betty Jean Kerr People’s Health Centers Healthcare Provider 152,000 Hacking/IT Incident Kalispell Regional Healthcare Healthcare Provider 140,209 Hacking/IT Incident The Methodist Hospitals, Inc. Healthcare Provider 68,039 Hacking/IT Incident Children’s Minnesota Healthcare Provider 37,942 Unauthorized Access/Disclosure Tots & Teens Pediatrics Healthcare Provider 31,787 Hacking/IT Incident University of Alabama at Birmingham Healthcare Provider 19,557 Hacking/IT Incident Prisma Health – Midlands Healthcare Provider 19,060...

Read More
Phishing Attacks at Highest Level Since 2016
Nov25

Phishing Attacks at Highest Level Since 2016

According to the Q3, 2019 Phishing Activity Trends Report from the Anti-Phishing Working Group, phishing attacks are now occurring at a rate not seen since 2016. 266,387 unique phishing sites were detected in Q3, 2019, an increase of 46% from Q2, 2019. Almost twice the number of phishing sites were detected in Q3, 2019 than in the last quarter of 2018. APWG received data on 277,693 unique phishing campaigns from its members. That is the highest number of detected phishing campaigns since Q4, 2016. APWG also collates information from phishing attacks reported by consumers and the general public. 122,359 unique reports were received from the public in Q3, 2019, up 9.09% from Q2. The phishing campaigns detected in Q3, 2019 impersonated more than 400 different companies, up from 313 in Q2, 2019. The types of company most commonly impersonated in the attacks are webmail and software-as-a-service providers. The main aim of the attacks on these firms is to obtain credentials that can be used to gain access to corporate email and SaaS accounts. The targets of attacks are largely unchanged...

Read More
IT Firm Ransomware Attack Prevents Nursing Homes and Acute Care Facilities from Accessing Medical Records
Nov25

IT Firm Ransomware Attack Prevents Nursing Homes and Acute Care Facilities from Accessing Medical Records

Virtual Care Provider Inc. (VCP), a Wisconsin-based provider of internet and email services, data storage, cybersecurity, and other IT services, has experienced a ransomware attack that has resulted in the encryption of medical records and other data the firm hosts for its clients. Its clients include 110 nursing home operators and acute care facilities throughout the United States. Those entities have been prevented from accessing critical patient data, including medical records. The company provides support for 80,000 computers, in around 2,400 facilities in 45 states. The attack involved Ryuk ransomware, a ransomware strain that has been used to attack many healthcare organizations and managed IT service providers in the United States in recent months. The ransomware is typically deployed as a secondary payload following an initial Trojan download. The attacks often involve extensive encryption and cause major disruption and huge ransom demands are often issued. This attack is no different. A ransom demand of $14 million has reportedly been issued, which the company has said it...

Read More
Phishing Attacks Reported by Choice Cancer Care Treatment Center and CAH Holdings
Nov21

Phishing Attacks Reported by Choice Cancer Care Treatment Center and CAH Holdings

Choice Cancer Care Treatment Center (CCCT), a network of cancer care centers in Texas, has discovered the protected health information of 14,673 patients has potentially been accessed by unauthorized individuals as a result of a phishing attack in May 2019. Suspicious activity in the email account of an employee was detected on May 21, 2019. The subsequent investigation confirmed that the account had been accessed by an unauthorized individual between May 1st and May 21st, 2019. The email account was immediately secured, and a third-party digital forensic firm was engaged to conduct a thorough investigation. An analysis of CCCT systems confirmed that the breach was confined to the email system and only one email account had been subjected to unauthorized access. A programmatic and manual review of all emails and email attachments in the account revealed the protected health information of certain patients had been exposed. The review was completed on September 18, 2019. CCCT then reviewed all affected records and confirmed the contact information for all individuals affected....

Read More
Proofpoint Q3 2019 Threat Report Shows Increase in RAT and Banking Trojan Activity
Nov13

Proofpoint Q3 2019 Threat Report Shows Increase in RAT and Banking Trojan Activity

The Proofpoint Q3 2019 Threat Report has been released. The report provides insights into the main threats in Q3, 2019 and reveals the changing tactics, techniques, and procedures used by cybercriminals. The data for the report comes from an analysis of more than 5 billion email messages, hundreds of millions of social media posts, and over 250 million captured malware samples. The report reveals scammers now favor embedded hyperlinks over attachments for spreading malware. 88% of malicious emails that were used to install malware used malicious URLs. This tactic is preferred as it makes it easier to bypass email security defenses. Proofpoint notes that ransomware still poses a significant threat, but it was noticeably absent from most email campaigns. Proofpoint suggests that the fall in the value of cryptocurrencies is making it harder for threat actors to monetize their ransomware campaigns. Greater rewards can be gained through other types of malware, such as remote access Trojans (RATs) and banking Trojans. RATs and banking Trojans were the main malware threats in Q3, 2019,...

Read More
Tens of Thousands of TennCare and Florida Blue Members Impacted Business Associate Phishing Attack
Nov13

Tens of Thousands of TennCare and Florida Blue Members Impacted Business Associate Phishing Attack

Further healthcare organizations have confirmed they have been affected by a data breach at Magellan Health National Imaging Associates, a business associate of several HIPAA-covered entities that provides managed pharmacy and radiology benefits services. Danville, PA-based Geisinger Health Plan announced last month that 5,848 of its members had been affected by the breach and Albuquerque, NM-based Presbyterian Health Plan has confirmed that 56,226 of its members have been affected. In the past few days, health insurance company Florida Blue and the Tennessee state Medicaid program, TennCare, have made similar announcements. The phishing attack occurred on May 28, 2019. Magellan Health NIA learned of the breach on July 5, 2019 and took action to secure the affected email account. The breach was detected when the compromised account was used to send out large quantities of spam email. The internal investigation confirmed that the mailbox had been accessed on several occasions by an individual based outside the United States. The purpose of the attack appears to have been solely to...

Read More
Salem Health Hospitals & Clinics and Delta Dental of Arizona Notify Patients About Phishing Attacks
Nov11

Salem Health Hospitals & Clinics and Delta Dental of Arizona Notify Patients About Phishing Attacks

Salem Health Hospitals & Clinics in Oregon experienced a phishing attack on July 31, 2019 that resulted in an unauthorized individual gaining access to the email accounts of several employees. The breach was detected within a day of the accounts being accessed and the compromised accounts were secured. Patients were notified about the breach on September 27 and were told that a review of the affected accounts was underway. The compromised email accounts were expected to contain a limited amount of patient information such as names, dates of birth, and information related to the medical services patients had received. At the time of issuing the notice, the investigation into the breach was ongoing. On Thursday, November 7, 2019, Salem Health spokesperson, Elijah Penner, said “The incident was reviewed thoroughly, and Salem Health has no indication that any patient information has been misused.” No evidence was uncovered to suggest patient information in emails and email attachments was accessed. Salem Health has advised affected patients to exercise caution and monitor...

Read More
Two Maine Healthcare Providers Report Email Security Breaches Impacting 52,000 Patients
Nov07

Two Maine Healthcare Providers Report Email Security Breaches Impacting 52,000 Patients

InterMed, one of the largest healthcare providers in Southern Maine, has discovered the personal and health information of up to 30,000 patients has potentially been accessed by an unauthorized individual as a result of a recent email security breach. On September 6, 2019, InterMed discovered an employee’s email account had been accessed by a third-party without authorization. An independent investigation into the breach revealed the account was compromised on September 4 and a further three employee email accounts were also found to have been compromised between September 7 and September 10, 2019. Emails and attachments in the compromised accounts contained patient information such as names, dates of birth, clinical information, and health insurance information, and for 155 individuals, Social Security numbers. The breach was limited to email accounts. The electronic medical record system was not accessed. It was not possible to determine whether emails in the account were actually viewed. The compromised email accounts were immediately secured, and affected patients were notified...

Read More
Common Office 365 Mistakes Made by Healthcare Organizations
Nov01

Common Office 365 Mistakes Made by Healthcare Organizations

An Office 365 phishing campaign has been running over the past few weeks that uses voicemail messages as a lure to get users to disclose their Office 365 credentials. Further information on the campaign is detailed below along with some of the most common Office 365 mistakes that increase the risk of a costly data breach and HIPAA penalty. Office 365 Voicemail Phishing Scam The Office 365 voicemail phishing scam was detected by researchers at McAfee. The campaign has been running for several weeks and targets middle management and executives at high profile companies. A wide range of industries have been attacked, including healthcare, although the majority of attacks have been on companies in the service, IT services, and retail sectors. The emails appear to have been sent by Microsoft and alert users to a new voicemail message. The emails include the caller’s telephone number, the date of the call, the duration of the voicemail message, and a reference number. The emails appear to be automated messages and tell the recipient that immediate attention is required to access the...

Read More
Utah Valley Eye Center Hacking Incident Leads to Phishing Attack on Patients
Nov01

Utah Valley Eye Center Hacking Incident Leads to Phishing Attack on Patients

Utah Valley Eye Center in Provo, UT is warning patients that some of their personal information may have been accessed by an unauthorized individual following a security breach involving its scheduling reminder portal on June 28, 2018. The hacker obtained the email addresses of 5,764 patients and sent each a phishing email in an attempt to gain access to PayPal credentials. The emails spoofed PayPal and advised the recipients that they had received a payment. Upon discovery of the security breach, Utah Valley Eye Center contacted all individuals who had been emailed to warn them about the security breach. No evidence has been uncovered to suggest any other information was accessed or misused, although the hacker would have had access to patient names, addresses, phone numbers, and dates of birth. No personal health or financial information is believed to have been accessed. Only 5,764 phishing emails were sent, but Utah Valley Eye Center could not determine exactly how many patients’ protected health information was viewed or obtained by the hacker. The decision was therefore...

Read More
Geisinger Health Plan Notifies Members About Business Associate Phishing Attack
Oct24

Geisinger Health Plan Notifies Members About Business Associate Phishing Attack

Danville, PA-based Geisinger Health Plan has discovered the protected health information (PHI) of some of its members has been exposed as a result of a suspected phishing attack on one of its business associates, Magellan NIA. Magellan NIA provides radiology benefits management services to the health plan, which requires access to plan members’ PHI. Magellan NIA discovered the breach on July 5, 2019 when suspicious activity was detected in the email account of one of its employees. The account was immediately secured to prevent further unauthorized access and misuse and an investigation was launched to determine the extent of the breach. The investigation revealed the account was breached on May 28, and there had been several connections to the account between up until July 5. Those connections were made from a location outside the United States. Geisinger Health Plan believes the sole purpose of the attack was to gain access to email accounts for the purpose of spamming, rather than to steal sensitive plan member data. However, it was not possible to rule out unauthorized data...

Read More
140,209 Patients Notified of Kalispell Regional Healthcare Phishing Attack
Oct23

140,209 Patients Notified of Kalispell Regional Healthcare Phishing Attack

Kalispell Regional Healthcare in Montana is in the process of notifying approximately 140,000 patients that some of their protected health information (PHI) was potentially compromised in a security breach over the summer. Kalispell Regional Healthcare operates Kalispell Regional Medical Center, a 138-bed hospital in Kalispell, MT. The breach has affected most of its patients. The breach affected Kalispell Regional’s email system and was the result of multiple employees being fooled by a “highly sophisticated” phishing scam. Employees responding to the phishing email inadvertently disclosed their login credentials to the attacker who used the credentials to remotely access their email accounts. Kalispell Regional learned of the breach on August 28. Upon discovery of the breach, all affected email accounts were disabled to prevent further unauthorized access, the security breach was reported to law enforcement, and an internal investigation was launched to determine the extent of the breach. The investigation revealed the email account was breached on May 24, 2019 and the...

Read More
68,000 Patients of Methodist Hospitals Impacted by Phishing Attack
Oct09

68,000 Patients of Methodist Hospitals Impacted by Phishing Attack

In June 2019, Gary, Indiana-based Methodist Hospitals discovered an unauthorized individual had gained access to the email account of one of its employees following the detection of suspicious activity in the employee’s email account. An investigation was immediately launched and third-party computer forensics experts were called in to determine the extent of the breach and whether any patient information had been accessed or copied by the attacker. The investigation revealed two email accounts had been compromised as a result of employees responding to phishing emails. It took until August 7, 2019 for the forensic investigators to determine that a breach had occurred and patient information had been compromised. One of the compromised email accounts was discovered to have been accessed by an unauthorized individual from March 13, 2019 to June 12, 2019, and the second account was subjected to unauthorized access on June 12, 2019 and from July 1 to July 8. As is typical in forensic investigations, it was not possible to determine whether the attacker viewed or copied patient...

Read More
Cancer Treatment Centers of America Experiences Another Phishing Attack
Oct07

Cancer Treatment Centers of America Experiences Another Phishing Attack

Cancer Treatment Centers of America (CTCA) is notifying certain patients that some of their protected health information (PHI) has been exposed as a result of a phishing-related email security breach that occurred in July 2019 at its Southeastern Regional Medical Center. The attack was identified on July 29, 2019 when suspicious activity was detected in the email account of a CTCA staff member. The breach investigation revealed the attacker had gained access to the account for a period of around 7 days from July 22. Upon detection of the breach, the user’s email account was secured to prevent further unauthorized access. The investigation did not uncover any evidence to suggest patient information in emails and email attachments were accessed or copied by the attacker, but the possibility could not be ruled out. The types of information potentially accessed included names along with addresses, phone numbers, dates of birth, health insurance information, medical information, and medical record numbers, and other patient identifiers. No Social Security numbers were exposed in the...

Read More
UAB Medicine Phishing Attack Impacts 19,000 Patients
Oct07

UAB Medicine Phishing Attack Impacts 19,000 Patients

UAB Medicine is alerting patients about an August 7, 2019 phishing attack that resulted in the email accounts of several employees of UAB Medical Center in Birmingham, AL being accessed by the attackers. Upon discovery of the breach, the passwords on affected email accounts were changed to prevent further unauthorized access and UAB Medicine engaged a leading cybersecurity firm to investigate the breach. An analysis of the compromised email accounts revealed they contained the protected health information (PHI) of 19,557 patients, including names and one or more of the following data elements: Medical record number, date of birth, dates of service, location of service, diagnoses, and treatment information. A limited number of patients also had their Social Security number exposed. UAB Medicine provides security awareness training to its workforce and has taught employees how to identify phishing emails. In this instance, despite that training, several employees responded to the emails and disclosed their email account credentials. Those credentials were used to gain access to email...

Read More
SpamTitan Named Cloud Email Security Leader by G2 Crowd for 3rd Consecutive Quarter
Sep22

SpamTitan Named Cloud Email Security Leader by G2 Crowd for 3rd Consecutive Quarter

SpamTitan has been named the leader in the G2 Crowd Grid Summer 2019 Report for Cloud Email Security. This is the third consecutive quarter that TitanHQ’s 100% cloud-based anti-spam and anti-phishing solution has been named leader in G2 Crowd’s Grid reports. G2 Crowd is an independent review website that provides SMBs and MSPs with insights into the best software companies and products on the market. The Grid reports cover the top-reviewed security products and software solutions. Each company’s position in the Grid is calculated from user reviews and aggregated data from online sources and social networks. G2 Crowd applies an algorithm to calculate scores for customer satisfaction and market presence, the latter being based on market share, vendor size, and social impact. Low customer satisfaction and a small market footprint see products/companies classed as niche players. Low customer satisfaction and strong market presence see a company/product classed as a contender. High customer satisfaction and a small market footprint place companies and products in the high performers...

Read More
56,226 Presbyterian Health Plan Members Affected by Phishing Attacks at Magellan Health Subsidiaries
Sep20

56,226 Presbyterian Health Plan Members Affected by Phishing Attacks at Magellan Health Subsidiaries

The Scottsdale, AZ-based managed care company, Magellan Health, has discovered two of its subsidiaries have experienced phishing attacks that exposed the protected health information of members of Albuquerque, NM-based Presbyterian Health Plan. The phishing attacks were experienced by National Imaging Associates and Magellan Healthcare, which both provide services to Presbyterian Health Plan. Both incidents were reported to the Department of Health and Human Services’ Office for Civil Rights on September 17, 2019. The National Imaging Associates incident was discovered on July 5 and affected 589 individuals and the Magellan Healthcare breach was discovered on July 12 and affected 55,637 individuals. Both incidents occurred within a few days but they are not believed to be related. The email accounts of two employees were breached on May 28 and June 6, 2019. Both of those individuals handled data related to members of the health plan. The investigation determined the aim of the attack was to compromise email accounts to use them to distribute spam email. No evidence was uncovered to...

Read More
Ramsey County Expands 2018 Phishing Attack Victim Count from 599 to 117,905
Sep19

Ramsey County Expands 2018 Phishing Attack Victim Count from 599 to 117,905

Ramsey County has discovered an August 2018 phishing attack has impacted far more individuals than initially thought. The victim count has been increased from 599 to 117,905. The initial breach report stated the email accounts of 26 employees were compromised in a phishing attack on or around August 9. The attack was identified promptly and the affected accounts were secured. The individuals responsible conducted the attack in order to re-route employees’ paychecks. The initial investigation, conducted with assistance from a data security firm, concluded on October 12, 2018 that the attackers would have been able to access sensitive information contained in the compromised accounts. The accounts were discovered to contain clients’ names, addresses, dates of birth, Social Security numbers, and limited medical information. Ramsey County reported the breach to the HHS’ Office for Civil Rights on December 11, 2018 and notified affected clients. The initial breach report indicated 599 clients had been affected. 9 months on and Ramsey County has announced that 117,905 individuals have...

Read More
Phishing Incidents Reported by Fraser and East Central Indiana School Trust
Sep16

Phishing Incidents Reported by Fraser and East Central Indiana School Trust

East Central Indiana School Trust (ECIST) has started notifying more than 3,200 individuals that some of their protected health information (PHI) has been exposed as a result of a recent phishing attack. On May 19, 2019, an employee was fooled into disclosing email account credentials which were used by the attacker to gain access to that individual’s email account. The breach was detected on May 22, 2019 and the account was secured. A third-party computer forensics company was retained to investigate the breach and determine whether patient information was compromised or stolen in the attack. The forensics firm did not uncover any evidence to suggest emails in the account were opened or downloaded by the attacker, but the possibility of unauthorized data access and theft could not be ruled out. The compromised email account contained information such as employees’ and dependents’ names, dates of birth, Social Security numbers, driver’s license numbers, prescription details, health insurance information, and some medical information. The breach has been reported to the HHS’ Office...

Read More
SE Labs Names Symantec Best Enterprise and Best Email Security Service
Sep14

SE Labs Names Symantec Best Enterprise and Best Email Security Service

UK-based information technology security testing firm SE Labs has named Symantec the Best Enterprise Endpoint and Best Email Security Service Provider. SE Labs’ mission is to help businesses purchase the best information technology solutions on the market to help them protect against cyberattacks and detect intrusions quickly when attacks occur. The company has developed ‘next generation’ testing techniques to test ‘next generation’ security solutions, network appliances, and cloud-based services to ensure they are capable of detecting and blocking a wide range of security threats. The company conducts continuous public tests, private assessments, and obtains feedback from its testing teams and corporate clients to produce reports that help enterprises select the best cybersecurity solutions on the market. The latest tests have seen Symantec solutions perform better than other solutions on the market, resulting in awards being issued for two of Symantec’s most popular enterprise security solutions. Symantec Endpoint Security gives enterprises visibility into their endpoints and...

Read More
Multiple Email Accounts Compromised in UC Health Phishing Attack
Sep05

Multiple Email Accounts Compromised in UC Health Phishing Attack

University of Cincinnati Health (UC Health) is investigating a security breach that saw the email accounts of multiple employees accessed by an unauthorized individual. The attack occurred between July 6 and July 12, 2019 and involved ‘a limited number’ of employee email accounts. An analysis of the compromised email accounts revealed they contained patients’ names, birth dates, medical record numbers, and some clinical information. A forensic analysis of UC Health email system was unable to establish whether the attackers opened or copied any emails or email attachments.  UC Health is attempting to determine exactly which patients have been affected and notification letters will be sent “in the coming weeks.” UC Health announced the breach on its website on September 4, 2019. UC Health will be enhancing email security and re-educating employees to help them identify phishing and other malicious emails. The incident has not yet appeared on the HHS’ Office for Civil Rights website, so it is unknown how many patients have been affected. Conway Regional Medical Center Phishing Attack...

Read More
Artesia General Hospital Phishing Attack Impacts 13,905 Patients
Sep05

Artesia General Hospital Phishing Attack Impacts 13,905 Patients

Artesia General Hospital in Artesia, NM, has discovered the protected health information (PHI) of 13,905 patients has been compromised in a phishing attack. The breach was detected when an employee’s email account was discovered to have been used to send unauthorized emails. The breach was detected on June 18, 2019 and the forensic analysis revealed the account had been accessed by an unauthorized individual between June 11 to June 18. A leading computer forensics company was engaged to investigate the breach, but no evidence of data theft was discovered. To date, no reports have been received to suggest PHI has been stolen or misused. The email accounts contained patients’ names, birth dates, patient account numbers, medical record numbers, health insurance information, and some treatment and/or clinical information, such as diagnoses, dates of service, and provider names. A small subset of affected patients also had Social Security numbers exposed. The hospital has re-enforced security awareness training and additional measures are being implemented to improve email security....

Read More
73 Email Accounts Compromised in Major Phishing Attack on NCH Healthcare System
Sep02

73 Email Accounts Compromised in Major Phishing Attack on NCH Healthcare System

The importance of security awareness training for healthcare employees has been highlighted by a recent phishing attack on Bonita Springs, FL-based NCH Healthcare System. The attack was detected on June 14, 2019 when suspicious email activity was identified in relation to its payroll system. The investigation revealed a staggering 73 employees had responded to phishing emails and disclosed their account credentials to the scammers. It is common for healthcare organizations to identify an email account breach and later discover the attack was more extensive than originally thought. Oftentimes, several emails accounts are discovered to have been compromised, often as a result of lateral phishing – The use of one compromised email account to send phishing emails to other individuals in the organization. However, a breach as extensive as this is fortunately rare. NCH Healthcare system is still investigating the attack and is being assisted by a third-party computer forensics firm. The initial findings of the investigation suggest the attackers were not concerned with obtaining PHI,...

Read More
Phishing Attack on Presbyterian Healthcare Services Exposed PHI of 183,000 Patients
Aug26

Phishing Attack on Presbyterian Healthcare Services Exposed PHI of 183,000 Patients

The Albuquerque, NM-based not-for-profit health system, Presbyterian Healthcare Services, has experienced a phishing attack that saw the email accounts of several employees subjected to unauthorized access. The phishing attack was discovered by Presbyterian Healthcare Services on June 6, 2019. The breach investigation revealed the email accounts were compromised a month previously, on or around May 9, 2019. Upon discovery of the breach, all affected email accounts were secured to prevent further access. An analysis of the compromised email accounts revealed they contained the protected health information (PHI) of 183,370 individuals. Compromised PHI was limited to names, dates of birth, Social Security numbers, and clinical and health plan information. Affected individuals have been advised to check their statements from their providers and health plans for signs of misuse of their personal information. Presbyterian Healthcare Services has implemented additional safeguards to protect its email system and all employees will be required to undergo annual cybersecurity training....

Read More
Study Raises Awareness of Threat of Lateral Phishing Attacks
Aug21

Study Raises Awareness of Threat of Lateral Phishing Attacks

A recent study by the University of San Diego, University of California Berkeley, and Barracuda Networks has shed light on a growing threat to healthcare organizations – Lateral phishing. In a standard phishing attack, an email is sent containing an embedded hyperlink to a malicious website where login credentials are harvested. The emails contain a lure to attract a click. That lure is often tailored to the organization being attacked. These phishing emails are relatively easy to identify and block because they are sent from outside the organization. Lateral phishing is the second stage in the attack. When an email account is compromised, it is then used to send phishing emails to other employees within the organization. Phishing emails are also sent to companies and individuals with a relationship with the owner of the compromised account. This tactic is very effective. Employees are trained to be suspicious of emails from unknown senders. When an email is received from a person in the organization that usually corresponds with the employee via email, there is a much higher...

Read More
PHI Exposed in Phishing Attacks on Michigan Medicine and Virginia Gay Hospital
Aug19

PHI Exposed in Phishing Attacks on Michigan Medicine and Virginia Gay Hospital

5,466 patients of Michigan Medicine are being notified that some of their protected health information has been exposed in a recent phishing attack. In July, Michigan Medicine employees were targeted in large scale phishing campaign. 3,200 Michigan Medicine employees received phishing emails containing a hyperlink to a legitimate looking web page that requested the user’s email login credentials. Three employees responded to the emails and disclosed their credentials. Those accounts were subjected to unauthorized access and were used to send further phishing emails. Michigan Medicine detected suspicious activity in the email accounts on July 8, 9 and 12, 2019 and performed a password reset to prevent any further unauthorized access. As a precaution, the passwords were also resent on the email accounts of all employees who received one of the phishing emails. Two of the accounts were discovered to contain patient information. In addition to a patient’s name, one or more of the following may have been compromised: Address, date of birth, medical record number, diagnostic information,...

Read More
MU Health Patients Take Legal Action Over May 2019 Phishing Attack
Aug13

MU Health Patients Take Legal Action Over May 2019 Phishing Attack

A lawsuit has been filed against University of Missouri Health Care (MU Health) over an April 2019 phishing attack. On May 1, 2019, MU Health learned that two staff email accounts had been compromised for a period of more than one week, starting on April 23, 2019. The email accounts contained a range of sensitive information including names, dates of birth, Social Security numbers, health insurance information, clinical and treatment information. MU Health’s investigation concluded on July 27 and notification letters were sent to individuals whose protected health information (PHI) had been exposed and potentially stolen. Approximately 14,400 patients had been impacted by the breach. The lawsuit was filed by MU Health patient Penny Houston around a week after the notifications were issued. The lawsuit states that, as a result of the breach, patients have been placed at an elevated risk of suffering identity theft and fraud. The types of data contained in the compromised accounts would allow criminals to steal identities, file fraudulent tax returns, and open financial accounts in...

Read More
Email Security Breaches Expose PHI of Seattle Community Psychiatric Clinic Patients
Aug09

Email Security Breaches Expose PHI of Seattle Community Psychiatric Clinic Patients

Community Psychiatric Clinic in Seattle, WA, a provider of accredited outpatient, mental health treatment, and counselling services, has experienced two security breaches in which patient information may have been compromised. In both cases, an unauthorized individual gained access to an employee’s Microsoft Office 365 account. The first security breach was detected on March 12, 2019 when an employee’s account was subjected to unauthorized access. The affected account was immediately secured, passwords were changed, and the employee’s hard drive was restored.  The email account also had additional protections added to prevent similar breaches from occurring in the future. The investigation did not uncover any evidence to suggest that patient data had been stolen. Around two months later on May 8, 2019, a second email account was discovered to have been compromised in a separate attack. The attacker used the email account to send a fraudulent wire transfer request to another member of staff. The transfer was executed, but due to the fast response of the clinic, it was possible to...

Read More
Email Security Firm Edgewave Acquired by GoSecure
Aug02

Email Security Firm Edgewave Acquired by GoSecure

The San Diego,CA-based email threat detection and response platform provider, Edgewave, has been acquired by the Waltham, MA-based cybersecurity company GoSecure for an undisclosed sum. Edgeware is best known for its ThreatTest service, which is used by companies to identify and respond to phishing attacks on the workforce. The platform provides pre- and post-delivery detection of email threats and automated response to mitigate phishing attacks and other email-based cybersecurity threats. The company was one of the first to offer a managed inbox detection and response service to businesses. The company employs 65 staff, has around 100 channel partners, and more than 2,000 business customers. GoSecure is primarily a provider of managed detection and response (MDR) services. CounterTack acquired Gosecure in June 2018, with the company rebranding as GoSecure powered by CounterTack in February this year. In addition to MDR services, the company offers a range of managed security services such as penetration testing, security audits, and threat assessments. The acquisition will allow...

Read More
15,000 Patient Records Exposed in Phishing Attack on HIPAA Business Associate
Jul23

15,000 Patient Records Exposed in Phishing Attack on HIPAA Business Associate

Northwood Inc., a Madison Heights, MI-based HIPAA business associate, has announced that a hacker has gained access to the email account of one of its employees and potentially viewed or obtained sensitive patient information. The breach was discovered on May 6, 2019 while investigating suspicious activity related to an employee’s email account. When a breach was confirmed, a leading computer forensics expert was hired to assist with the investigation and determine the nature and full extent of the attack. The forensic investigation revealed the employee’s email account was accessed by an unauthorized individual(s) from May 3 to May 6. No evidence was found to suggest any emails had been viewed or copied, but data access and data theft could not be ruled out. All emails and email attachments in the account had to be checked to determine whether they contained any patient information. On June 19, Northwood determined patients’ protected health information had been exposed and may have included a patient’s name along with one or more of the following data elements: Address, date of...

Read More
21,400 Patients Impacted by St. Croix Hospice Phishing Attack
Jul19

21,400 Patients Impacted by St. Croix Hospice Phishing Attack

St. Croix Hospice, a provider of hospice care throughout the Midwest, has discovered an unauthorized individual gained access to the email account of an employee and potentially viewed patient information. The breach was detected on May 10, 2019 when suspicious email activity was detected in the account. A third-party computer forensics firm was hired to assist with the investigation and discovered several employees’ email accounts were compromised between April 23, 2019 and May 11, 2019. It was not possible to determine whether any patient information had been accessed or copied, but the forensics firm did confirm that the accounts had been subjected to unauthorised access. An extensive systemic review of the compromised email accounts was conducted to identify which patients had had their protected health information exposed. On June 21, 2019, it was confirmed that protected health information had been exposed. The review has now been completed and patients are being notified that their name, address, financial information, Social Security number, health insurance information,...

Read More
Vade Secure Announces New Auto-Remediate Feature for its Office 365 Email Security Solution
Jul15

Vade Secure Announces New Auto-Remediate Feature for its Office 365 Email Security Solution

The email security firm Vade Secure has announced the launch of a new Auto-Remediate feature Vade Secure for Office 365. The new feature provides continuous protection against phishing, spear phishing, malware, and ransomware threats for Office 365 environments and reduces the time system administrators need to spend finding, investigating, and responding to new email threats. Earlier this year, Vade Secure released a manual Remediate feature that allows system administrators to remove threats from inboxes with a single click. The Auto-Remediate feature takes this a step further and ensures new threats are automatically removed from inboxes when they are identified. The new feature is powered by threat intelligence gathered from the 600 million mailboxes protected by Vade Secure’s email security solution. When new threats are detected by users, the information is used to protect all other Vade Secure users in real time. Vade Secure’s artificial intelligence and machine learning system is capable of learning from mistakes and improves over time. “Email attacks are becoming more...

Read More
Phishing Attack on California Business Associate Impacts 14,591 DHS Patients
Jul10

Phishing Attack on California Business Associate Impacts 14,591 DHS Patients

Nemadji Research Corporation, doing business as California Reimbursement Enterprises, has announced an unauthorized individual has gained access to the email account of an employee and may have viewed or copied the protected health information (PHI) of its clients’ patients. California Reimbursement Enterprises is a business associate of several healthcare facilities and hospitals in California and provides patient eligibility and billing services. The company also provides services to the Los Angeles County Department of Health Services (DHS). A potential email account breach was detected on March 28, 2019 when IT staff identified unusual activity in an employee’s email account. Assisted by a third-party computer forensics expert, Nemadji determined the employee responded to a phishing email the same day and the attacker accessed the account for several hours. All emails in the account were checked and on June 5, 2019, Nemadji confirmed that patient information had been exposed and notifications were issued to affected business partners. The breached email account contained...

Read More
Sensitive Data Potentially Compromised in Tennessee Hospice Phishing Attack
Jul05

Sensitive Data Potentially Compromised in Tennessee Hospice Phishing Attack

Alive Hospice in Nashville, TN, a provider of end-of-life care, palliative care, bereavement support and community education in middle Tennessee, has announced that the email account of an employee was subjected to unauthorized access in May 2019. Around May 6, 2019, suspicious activity was detected in an employee’s email account. The password for the account was immediately changed and an investigation was launched into the cause of the breach. The investigation revealed the email account was compromised on May 4, 2019 and hackers had access to the email account for a period of two days. Only one email account was compromised. Unauthorized account access was confirmed, but no evidence was found to suggest any patient information was accessed or stolen. The types of information in emails and email attachments varied from patient to patient and may have included the following types of PHI in addition to a patient’s name: Date of birth, Social Security number, driver’s license number, financial account number, medical history, treatment information, prescription information, treating...

Read More
PHI of 10,893 Summa Health Patients Potentially Compromised in Phishing Attack
Jul04

PHI of 10,893 Summa Health Patients Potentially Compromised in Phishing Attack

Akron, Ohio-based Summa Health has discovered an unauthorized individual has gained access to four employee email accounts containing patients’ protected health information (PHI). Summa Health became aware of the breach on May 1, 2019 and launched an investigation that revealed 2 email accounts had been breached in August 2018, and a further two accounts between March 11, 2019 and March 29, 2019. All four accounts were immediately secured and a third-party computer forensics firm was hired to determine whether any patient information had been accessed or stolen. The firm found no evidence of data theft or PHI access, although it was not possible to rule out the possibility that patient information was compromised in the breach. An analysis of the compromised accounts revealed they contained the following types of PHI: Patient names, dates of birth, medical record numbers, patient account numbers, clinical information, and treatment information. In total, 10,893 patients were affected. A small subset of those patients also had their Social Security numbers and/or driver’s license...

Read More
Phishing Attacks Reported by Broome County, NY and UMassMemorial Community Healthlink
Jun21

Phishing Attacks Reported by Broome County, NY and UMassMemorial Community Healthlink

Broome County in New York has started notifying 7,048 individuals that some of their protected health information (PHI) was compromised in a phishing attack on county employees. Broome County officials learned about the attack on January 2, 2019 when it was discovered that an employee’s direct deposit account information had been changed. An investigation was immediately launched which revealed ‘numerous’ Broome County email accounts had been compromised as a result of responses to phishing emails. Further, an unauthorized individual had also gained access to employees’ PeopleSoft accounts. A computer forensics expert was hired to assist with the investigation and determine how and when access to the accounts was first gained. That investigation revealed the first accounts were compromised on November 20, 2018 and further accounts were compromised up to January 2, 2019. Employee direct deposit information has been checked and all emails and email attachments in the compromised accounts have been analyzed. Broome County says multiple county departments were affected, including the...

Read More
Symantec Named Leader in Enterprise Email Security in Q2 2019 Forrester Wave Report
May28

Symantec Named Leader in Enterprise Email Security in Q2 2019 Forrester Wave Report

Symantec has been positioned as a Leader in Enterprise Email Security in the Q2 2019 Forrester Wave Report. Forrester is an independent research firm that assesses companies and their products based on strategy, market presence, and performance across 32 evaluation criteria. The results of the assessments are represented graphically, based on the strength of the current offering and each company’s strategy. Each is assigned to one of four categories: Challenger, Contender, Strong Performer, or Leader. For the latest Forrester Wave Report on Enterprise Email Security, the products of 12 security vendors were assessed: Barracuda, Cisco, Clearswift, Forcepoint, Microsoft, Mimecast, Proofpoint, Retarus, Sophos, Symantec, Trend Micro, and Zix. Each solution was researched and analyzed and given a score to determine the effectiveness of the solutions at reducing and manage security risk. Symantec scored highest out of all 12 products tested as part of the latest Enterprise Email Security report. Customers rated Symantec highly for customer support and ease of use, with Forrester praising...

Read More
April 2019 Healthcare Data Breach Report
May20

April 2019 Healthcare Data Breach Report

April was the worst ever month for healthcare data breaches. More data breaches were reported than any other month since the Department of Health and Human Services’ Office for Civil Rights started publishing healthcare data breach reports in October 2009. In April, 46 healthcare data breaches were reported, which is a 48% increase from March and 67% higher than the average number of monthly breaches over the past 6 years. While breach numbers are up, the number of compromised healthcare records is down. In April 2019, 694,710 healthcare records were breached – A 23.9% reduction from March.  While the breaches were smaller in March, the increase in breaches is of great concern, especially the rise in the number of healthcare phishing attacks. Largest Healthcare Data Breaches in April 2019 Two 100,000+ record data breaches were reported in April. The largest breach of the month was reported by the business associate Doctors Management Services – A ransomware attack that exposed the records of 206,695 patients. The ransomware was deployed 7 months after the attacker had first gained...

Read More
Cisco Umbrella Pricing
May15

Cisco Umbrella Pricing

A DNS filter provides an extra layer of security that can help to prevent phishing, malware, and ransomware attacks. In this post we cover Cisco Umbrella, a popular DNS filter, and look at Cisco Umbrella pricing to help you decide whether this is the right solution for your organization. What is Cisco Umbrella? Cisco Umbrella, the new name for OpenDNS, is a DNS filter that allows healthcare organizations to block web-based threats and carefully control the types of web content that can be accessed by employees and guest users. A DNS filter is an important element of layered cybersecurity defenses, as it prevents network users from accessing dangerous web content and downloading potentially malicious files. Importantly for healthcare organizations, a DNS filter provides an additional layer of protection against phishing attacks by providing time-of-click protection against potentially malicious hyperlinks embedded in emails and email attachments. Phishing is the most common cause of healthcare data breaches and attacks are becoming much more sophisticated. Phishing emails frequently...

Read More
60,000 Records Exposed in EmCare Phishing Attack
Apr23

60,000 Records Exposed in EmCare Phishing Attack

The Dallas, TX-based physician staffing company EmCare has announced that it has suffered a data breach that has impacted approximately 60,000 individuals, 31,000 of whom were patients. The exposed information was detailed in emails and email attachments in employee email accounts that were accessed by an unauthorized individual after several employees responded to phishing emails and disclosed their email credentials. It is unclear from Emcare’s breach notice when the breach occurred and how long the attackers had access to email accounts. The breach was discovered on February 19, 2019. An investigation was launched and, assisted by a third-party computer forensics company, it was discovered that the compromised email accounts contained information about patients, employees, and contractors. The following information was saved in email accounts and was potentially accessed or copied by the attackers: Names, dates of birth, driver’s license numbers, Social Security numbers, demographic information, and clinical information. The investigation did not uncover evidence to suggest...

Read More
11,639 Individuals Impacted by Riverplace Counseling Center Malware Attack
Apr18

11,639 Individuals Impacted by Riverplace Counseling Center Malware Attack

Riverplace Counseling Center in Anoka, MN, has discovered malware has been installed on its systems which may have allowed unauthorized individuals to gain access to patients’ protected health information. The malware infection was discovered on January 20, 2019. The counseling center engaged an IT firm to conduct a forensic analysis, remove the malware, and restore its systems from backups. The analysis was completed on February 18, 2019. The IT firm did not find evidence that suggested patient information had been subjected to unauthorized access or had been copied, but data access and PHI theft could not be totally ruled out. The types on information stored on the affected systems included names, addresses, dates of birth, health insurance information, Social Security numbers, and treatment information. Affected individuals were notified about the data breach on April 11, 2019 and have been offered identity theft monitoring services via Kroll for 12 months at no cost. No reports have been received to date to suggest any patients’ PHI has been misused. Riverplace Counseling...

Read More
Cofense Annual Phishing Defense Summit: September 23-24, 2019
Apr16

Cofense Annual Phishing Defense Summit: September 23-24, 2019

Cofense has announced its fourth annual Phishing Defense Summit and User Conference will be taking place on September 23-24, 2019 in Orlando, Florida. The event – Cofense Submerge 2019 – provides attendees with detailed information on the latest security threats, new phishing tactics being used in real world attacks, and the latest incident response trends. Practitioners on the front lines will be on hand to offer advice on effective phishing defense strategies and the latest best practices to adopt to deal with the growing threat from phishing. First hand experiences will be shared to allow attendees to learn from problems other have experienced and advice will be given on how to plug common security gaps. The most common cybersecurity threats will also be discussed, including ransomware trends, incident response, malware analysis, and improving employee resiliency to phishing and other cyberattacks. Industry experts will also be on hand to discuss the current threat landscape and the most dangerous and damaging phishing attacks over the past 12 months along with the lessons that...

Read More
SpamTitan Rated Top Email Security Gateway in G2 Crowd Report
Apr14

SpamTitan Rated Top Email Security Gateway in G2 Crowd Report

Every quarter, G2 Crowd, an independent business software review platform, publishes the G2 Crowd Grids and accompanying reports which contain a definitive ranking of best software companies and products across a wide range of different categories. G2 Crowd is used by business leaders to make better purchasing decisions. The platform contains more than half a million user reviews and the site receives more than 1.5 million visitors a month. More than 60,000 software products have been reviewed on the platform. In contrast to many business software review sites, G2 Crowd reviews are submitted by verified users of the software. Those reviews are amalgamated by G2 Crowd and each software company is ranked. The leaders in each field are then assigned a place on the G2 Crowd Grids. In the Spring 2019 G2 Crowd Grid Spring report, TitanHQ’s SpamTitan was named the leading product in the email security gateway category ahead of Mimecast, Proofpoint, Cisco, Barracuda, and SolarWinds. The solution was consistently rated above average by users in all areas; Ease of use; quality of support,...

Read More
Webinar: April 4, 2019: Email Security, DMARC, and Sandboxing
Apr04

Webinar: April 4, 2019: Email Security, DMARC, and Sandboxing

The healthcare industry is particularly vulnerable to phishing attacks and successful attacks commonly result in significant data breaches. It is now something of a rarity for a week to pass without a healthcare phishing attack being reported. While healthcare organizations are providing security awareness training to staff and are using email security solutions, those defenses are not always effective. To improve understanding of why advanced attacks are managing to evade detection by traditional email security solutions, email security solution provider TitanHQ is hosting a webinar. During the webinar TitanHQ will explain about the threat from phishing and how organizations can protect themselves and their customers/patients. The webinar will also explain how two new features of TitanHQ’s SpamTitan email security solution – DMARC authentication and sandboxing – can protect against advanced email threats, zero-day attacks, malware, phishing, and spoofing. Webinar Details: Date : Thursday, April 4th, 2019 Time: 12pm EST Duration: 30 minutes Sign up to the Webinar here....

Read More
Concerns Raised About the Sharing of Health Data with Non-HIPAA Covered Entities via Apps and Consumer Devices
Mar27

Concerns Raised About the Sharing of Health Data with Non-HIPAA Covered Entities via Apps and Consumer Devices

Earlier this month, the eHealth Initiative Foundation and Manatt Health issued a brief that calls for the introduction of a values framework to better protect health information collected, stored, and used by organizations that are not required by law to comply with Health Insurance Portability and Accountability Act (HIPAA) Rules. Health information is increasingly being collected by a wide range of apps and consumer devices. In many cases, the types of data collected by these apps and devices are the same as those collected and used by healthcare organizations. While healthcare organizations are required to implement safeguards to ensure the confidentiality, integrity, and availability of health information and uses and disclosures of that information are restricted, the same rules do not cover the data if the information is collected by other entities. It doesn’t matter what type of organization stores or uses the data. If that information is exposed it can cause considerable harm, yet this is currently something of a gray area that current regulations do not cover properly. At...

Read More
PHI Exposed in Three Recent Email Security Incidents
Mar25

PHI Exposed in Three Recent Email Security Incidents

Three email system breaches have been reported in the past few days that have resulted in unauthorized individuals gaining access to email accounts containing protected health information. Navicent Health Notifies Patients About July 2018 Phishing Attack Macon, GA-based Navicent Health is notifying certain patients that some of their protected health information has potentially been compromised as a result of an cyberattack on its email system. Upon discovery of the breach in July 2018, law enforcement was notified and a leading computer forensics firm was hired to investigate the breach. Navicent Health explained in a substitute breach notice on its website that it only became clear on January 24 that email accounts containing patient information had been breached. No reason was given as to why it took 6 months from the discovery of the breach to determine that patients’ PHI had been compromised. The types of information potentially accessed by the attackers included names, addresses, dates of birth, and some medical information such as appointment dates and billing information....

Read More
Study Confirms Healthcare Employees Are Susceptible to Phishing Attacks
Mar14

Study Confirms Healthcare Employees Are Susceptible to Phishing Attacks

The healthcare industry is being targeted by cybercriminals and phishing is one of the most common ways that they gain access to healthcare networks and sensitive data. The number of successful phishing attacks on healthcare institutions is a serious concern. At HIMSS19, OCR highlighted email as being the main location of breached ePHI and the high risk of data breaches from phishing attacks. Could the high number of successful phishing attacks be mostly down to the industry being targeted more than other industry sectors, or are healthcare employees more susceptible to phishing attacks? A recently published study has provided some answers. Dr. William Gordon of Boston’s Brigham and Women’s Hospital and Harvard Medical School and his team conducted a study to determine the susceptibility of healthcare employees to phishing attacks. For the study, Gordon and his team analysed data from 6 healthcare institutions in the United States that used custom-developed tools or vendor solutions to send simulated phishing emails to their employees. The researchers analyzed data from simulated...

Read More
Sandboxing and DMARC Authentication Added to SpamTitan to Improve Email Threat Detection
Mar13

Sandboxing and DMARC Authentication Added to SpamTitan to Improve Email Threat Detection

Despite increased investment in cybersecurity, healthcare organizations still struggle to protect against advanced phishing threats and email impersonation attacks. Detection of new malware threats can also be a major challenge for small to medium sized healthcare organizations and managed service providers. To better serve the healthcare market and improve protection against sophisticated phishing attacks and zero-day malware, TitanHQ has announced it has added two new features to its SpamTitan spam filtering solution: DMARC email authentication and sandboxing. Due to the increase in email impersonation attacks, the Department of Homeland Security issued a binding operational directive in 2017 that required all executive branch agencies to fully adopt Domain-based Message Authentication, Reporting and Conformance (DMARC) to protect against email impersonation attacks and domain spoofing. DMARC authentication has now been incorporated into SpamTitan to improve detection of domain spoofing phishing attacks and prevent these phishing emails from reaching end users’ inboxes. New...

Read More
HIPAA Compliant Online Forms
Mar12

HIPAA Compliant Online Forms

Web forms offer healthcare organizations an easy way to digitally collect information from patients, but care must be taken not to violate HIPAA Rules. To collect any health data, HIPAA compliant online forms must be used. HIPAA Compliant Online Forms Must be Used for Collecting Health Information The HIPAA Privacy and Security Rules requires all HIPAA-covered entities and business associates to implement a range of safeguards to ensure the confidentiality, integrity, and availability of protected health information. Online forms are not specifically mentioned in the HIPAA text, but the Privacy and Security Rules do apply to online forms. Large healthcare organizations are more likely to have in-house staff with the skills to create forms that comply with HIPAA Rules, but many covered entities take advantage of the convenience of third-party webform solutions. There are many companies that offer HIPAA compliant online forms software that allows forms to be quickly spun up and used for a wide range of purposes such as onboarding new patients, obtaining consent, collecting payments,...

Read More
IRS Issues Warning About Tax-Related Phishing Scams
Mar05

IRS Issues Warning About Tax-Related Phishing Scams

The IRS has launched its 2019 ‘Dirty Dozen’ campaign warning taxpayers about the most common tax-related phishing scams that lead to tax fraud and identity theft. Each year the IRS provides taxpayers, businesses, and tax professionals with information on the 12 most common phishing and tax scams to raise awareness of the most prevalent threats. During tax season, cybercriminals are highly active and seek tax information to commit identity theft and submit fraudulent tax returns. Each year, many consumers are fooled into disclosing their personal information and scores of organizations fall victim to these scams and disclose the tax information of employees to scammers. The scams are conducted over the phone, via text messages, on social media platforms, websites, and via email. On March 4, 2019, the IRS launched this year’s Dirty Dozen campaign with a warning about the most serious threat during tax season – phishing. On each of the following 11 weekdays, the IRS will highlight a different scam. Tax-related phishing scams are often cleverly disguised. Emails are sent that appear to...

Read More
Is JotForm HIPAA Compliant?
Mar05

Is JotForm HIPAA Compliant?

JotForm is a software solution for creating online forms. Can JotForm be used by healthcare organizations to collect patient information? Is JotForm HIPAA compliant? HIPAA Compliant Forms on Websites HIPAA covered entities can use online forms to collect a wide range of information from patients. Online forms are useful for registering new patients, obtaining consent, conducting customer surveys, and taking payments. Web forms streamline data collection, allow patient information to be sent to EHRs or other internal systems quickly and efficiently, and they can improve the patient experience. HIPAA covered entities that have the resources can create online forms manually; however, those that lack staff with the necessary skills or have to create large numbers of forms will benefit from using online form software to speed up the process of creating online forms. While form software can be used for all the above purposes, if the forms are used to collect protected health information, the software provider will be considered a business associate under HIPAA Rules. Consequently, prior...

Read More
Cofense Vision Launched: Accelerated Phishing Threat Detection and Remediation
Mar04

Cofense Vision Launched: Accelerated Phishing Threat Detection and Remediation

Cofense has announced the general availability of Cofense Vision: An alert system that provides real-time visibility into current, unreported phishing threats and accelerates detection and remediation. Phishing defenses should naturally include email gateway controls to block threats before they are delivered to inboxes, but no solution will provide total protection. It is inevitable that some phishing emails will be delivered to end users, even with multiple anti-phishing solutions in place. Training is essential to ensure those threats are recognized by employees, but given the sophistication of today’s phishing threats, some employees are sure to respond. Cofense Vision is a new solution that helps security operation center (SOC) and incident response (IR) teams to identify all instances of phishing messages in their email system and deal with those threats with greater speed and efficiency. The solution works in tandem with Cofense Triage, a solution that allows first responders to prioritize and understand reported phishing threats. An analysis of more than 2 million...

Read More
Is Constant Contact HIPAA Compliant?
Mar01

Is Constant Contact HIPAA Compliant?

Massachusetts-based Constant Contact has developed an online and email marketing solution that makes it easy to keep in touch with customers and send out newsletters and marketing messages, but can Constant Contact be used by HIPAA-covered entities? Is Constant Contact HIPAA compliant? Sending Marketing Emails Containing ePHI The HIPAA Privacy Rule does not prohibit HIPAA-covered entities from sending marketing emails, but before marketing messages can be sent, patients/plan members must give their authorization to receive those communications. Provided authorizations have been received in advance, marketing emails can be sent without violating the HIPAA Privacy Rule. In order to improve efficiency, an email marketing solution may be considered, but HIPAA -covered entities need to exercise caution. Not all email marketing platforms have the necessary safeguards to meet the requirements of the HIPAA Security Rule, and some that do still cannot be used as the service provider is not prepared to enter into a business associate agreement with healthcare organizations. Uploading any...

Read More
Cyren Recognized with Gold Cybersecurity Excellence Award for Email Security
Mar01

Cyren Recognized with Gold Cybersecurity Excellence Award for Email Security

Cyren Email Security has been recognized in the 2019 Cybersecurity Excellence Awards, collecting a gold award in the email security category. The Cybersecurity Excellence Awards were set up to recognize and reward the leading vendors in the cybersecurity space. To be considered for an award, a company or individual must demonstrate excellence in leadership in information security and a high level of innovation. Cyren’s secure email gateway solution is offered as a cloud-based service that protects businesses from the full range of email-based threats. This is the second consecutive year that the company’s email security SaaS offering achieved top spot, and the third year in a row that the company has scooped a Cybersecurity Excellence Award, having placed in the top three in the 2017 awards in the anti-malware category. This year Cyren faced stiff competition but finished ahead of 6 other finalists in the email security category. Cyren Email Security offers an additional layer of security for Office 365 environments and other corporate email systems. The solution includes...

Read More
Cofense Phishing Simulation Solution Enhanced with Responsive Delivery Option
Feb28

Cofense Phishing Simulation Solution Enhanced with Responsive Delivery Option

Each month, many healthcare organizations discover their employees’ inboxes have been compromised and the attackers have potentially gained access to patient health information. Phishing is the number one cyberthreat faced by healthcare organizations and phishing attacks are increasing in both frequency and complexity. Training employees how to recognize phishing and other email threats is essential, not only to prevent costly data breaches but also for HIPAA compliance. Providing training is only one element of improving human phishing defenses. It is also important to ensure that training has been taken on board by employees. The easiest way to do that and assess susceptibility and resilience to phishing attacks is through phishing simulations. Simulated phishing emails mirror real-world phishing emails and allow IT teams to find out which individuals are most susceptible to phishing attacks. Failed phishing simulations can be turned into a training opportunity. One problem faced by IT teams is making sure that phishing simulation emails are sent at the right time when they are...

Read More
KLAS Rates Lua Leading Post-Acute Secure Messaging Solution
Feb14

KLAS Rates Lua Leading Post-Acute Secure Messaging Solution

KLAS Research has given Lua Technologies’ HIPAA-compliant secure communications platform a score of 94 out of 100 in its 2018 Secure Communication Decision Insights Report. Lua was the highest scoring post-acute secure messaging solution and was recognized for the overall quality of the product, the value provided, and the performance of its secure communications platform. Lua developed its communications platform to meet the needs of a diverse range of healthcare professionals and help them communicate more effectively. The platform helps healthcare providers improve patient outcomes by ensuring healthcare employees can communicate quickly, easily, and efficiently with patients and all members of the care team. The platform incorporates privacy and security features to meet HIPAA requirements and allows protected health information to be shared quickly, easily, and securely with authorized individuals and ensures seamless communications across multiple devices and platforms to enhance mobile workflows in healthcare. “We are thrilled by the KLAS Research assessment of our...

Read More
United Hospital District Phishing Attack Impacts 2,143 Patients
Feb13

United Hospital District Phishing Attack Impacts 2,143 Patients

Blue Earth, MN-based United Hospital District has discovered patient information was exposed and potentially accessed by an unauthorized individual as a result of a June 2018 phishing attack. The phishing incident resulted in the compromise of a single email account, the credentials to which were obtained as a result of an employee responding to a phishing email. The substitute breach notice on the healthcare provider’s website indicates the account was compromised between June 10, 2018 and June 27, 2018. An in-depth analysis of the compromised account was conducted by third-party cybersecurity professionals who determined on December 12, 2018, that patient information had potentially been accessed. Emails and file attachments in the account were found to contain the protected health information of 2,143 patients. The types of information contained in the email account varied from patient to patient and may have included names, addresses, internal patient identification numbers, health insurance information and, for a limited number of affected patients, diagnoses, treatment...

Read More
PHI Exposed in Verity Health System Phishing Attack
Jan29

PHI Exposed in Verity Health System Phishing Attack

Verity Health System, a Redwood City-based network of 6 hospitals in California, has announced that the protected health information of certain patients has potentially been compromised as a result of a November 27, 2018 phishing attack. The Office 365 credentials of a Verity Health employee were obtained by a hacker as a result of a response to a phishing email. For a period of approximately one and a half hours, an unauthorized individual gained access to the employee’s email account and sent further phishing emails to Verity Health employees and other individuals in the employee’s contact list. The emails contained a hyperlink that directed the recipients to a malicious website. An investigation into the breach confirmed that none of the recipients of the phishing emails had disclosed their login credentials. The aim of the attacker appeared to be to gain access to further account credentials rather than to obtain sensitive data contained in the compromised account; however, it is possible that some patients’ personal information was viewed or possibly obtained while account...

Read More
New Report Reveals Spiraling Cost of Cyberattacks
Jan23

New Report Reveals Spiraling Cost of Cyberattacks

A new report from Radware has provided insights into the threat landscape in 2018 and the spiraling cost of cyberattacks. The report shows there has been a 52% increase in the cost of cyberattacks on businesses in since 2017. For the report, Radware surveyed 790 managers, network engineers, security engineers, CIOs, CISOs, and other professionals in organizations around the globe. Respondents to the survey were asked about the issues they have faced preparing for and mitigating cyberattacks and the estimated cost of those attacks. The 2018 Threat Landscape 93% of surveyed firms said they had experienced a cyberattack in the past 12 months. The biggest threat globally was ransomware and other extortion-based attacks, which accounted for 51% of all attacks. In 2017, 60% of cyberattacks involved ransoms. The reduction has been attributed to cybercriminals switching from ransomware to cryptocurrency mining malware. Political attacks and hacktivism accounted for 31% of attacks, down from 34% in 2017. The motive behind 31% of attacks was unknown, which demonstrates that attackers are now...

Read More
1,080 Chaplaincy Health Care Patients Potentially Impacted by Phishing Attack
Jan07

1,080 Chaplaincy Health Care Patients Potentially Impacted by Phishing Attack

Chaplaincy Health Care, a not-for-profit healthcare provider based in Richland, WA, has experienced a phishing attack that has resulted in the exposure of 1,080 patients’ protected health information. The phishing attack occurred on November 20, 2018 and was discovered within 4 hours. Prompt action was taken to block unauthorized access and a third-party computer forensics firm was hired to assist with the breach investigation. The investigation confirmed that a single email account was accessed by the attacker. After gaining access to the email account, the attacker attempted to access further accounts. The breach was discovered when the employee was alerted that her account had been used to send a phishing email to an email contact. No evidence was uncovered to suggest any patient health information was viewed or copied but, out of an abundance of caution, all patients affected by the breach have been offered complimentary credit monitoring and identity theft protection services through LifeLock for 12 months. Patients were notified about the breach on January 3, 2019. The firm...

Read More
Data of More Than 500,000 Staff and Students Compromised in San Diego School District Phishing Attack
Dec27

Data of More Than 500,000 Staff and Students Compromised in San Diego School District Phishing Attack

The San Diego School District has announced it has suffered a major phishing attack that has resulted in the exposure of the personal data, including health information, of more than 500,000 staff and students. The phishing attack was detected in October 2018; however, an investigation into the breach revealed the hacker had network access for almost a year. Access to the network was first gained in January 2018 and the attacker continued to access the network until November 2018. The decision was taken not to alert the hacker to the discovery of the breach immediately. Instead, the school district first investigated the breach to determine the nature of the attack and the extent to which its network had been compromised. Access was only terminated when the initial phase of the investigation was completed. San Diego School District conducted the investigation in conjunction with the San Diego Unified Police and has identified the hacker responsible for the attack. All compromised accounts have now been reset and unauthorized access to staff and student data is no longer possible....

Read More
Study Highlights Seriousness of Phishing Threat and Importance of Security Awareness Training
Dec17

Study Highlights Seriousness of Phishing Threat and Importance of Security Awareness Training

A new study has revealed the extent to which employees are being fooled by phishing emails and how despite the risk of a data breaches and regulatory fines, many companies are not providing security awareness training to their employees. For the study, 500 office workers were surveyed by the consultancy firm Censuswide. While all the respondents were based in Ireland, the results of the survey reflect the findings of similar studies conducted in other countries, including the United States. 14% of all surveyed office workers said that they had fallen for a phishing email, which would equate to around 185,000 office workers in Ireland. There were notable differences in susceptibility to phishing emails across the different age groups: Millennials, generation X, and baby boomers. The age group most likely to be fooled by phishing scams was millennials (17%), followed by baby boomers (7%), and Generation X (6%). Respondents were asked about how confident they were in their ability to identify phishing scams. Even though almost three times as many millennials had fallen for phishing...

Read More
Life Lua Wins Fierce Biotech Innovation Award
Dec16

Life Lua Wins Fierce Biotech Innovation Award

Life Lua, the developer of a HIPAA-compliant web and mobile access technology platform, has been named winner of a 2018 Fierce Innovation Award, Life Sciences Edition, in the Digital Health Solutions Category. Each year, Fierce Biotech recognizes companies that have gone the extra mile and are conducting leading-edge work in the field of health and biotechnology. On December 13, 2018, Rebecca Willumson, publisher of Fierce Biotech, confirmed Life Lua Technologies had been named category winner. Life Lua Technologies, a subsidiary of Life Biosciences Inc, has developed a mobile-first communications platform for the healthcare industry that allows healthcare professionals to communicate efficiently and effectively, no matter where they are located. The platform supports voice and video calls, file sharing, and promotes collaboration with all members of the care team to ensure the best possible care can be provided to patients. The platform also incorporates leading security protections to ensure all protected health information collected, maintained, stored, or transmitted through...

Read More
Webinar: DNS-Based Web Filtering for Healthcare Organizations
Dec04

Webinar: DNS-Based Web Filtering for Healthcare Organizations

Healthcare organizations have an opportunity to find out more about DNS-based web filtering in a Wednesday, December 5, 2018 webinar. The webinar, jointly hosted by Celestix Networks and TitanHQ, explores DNS-based web filtering and introduces Celestix WebFilter Cloud: A 100% cloud-based web filtering solution that protects against web-based threats and allows organizations to implement policy-based Internet controls. Celestix Networks was formed in 1999 and has delivered more than 25,000 security appliances worldwide and now serves more than 5,000 customers. As IT services have moved beyond the data center, Celestix has developed more flexible cloud-based security solutions, including a cloud-based web filter. Celestix WebFilter Cloud is powered by TitanHQ’s WebTitan technology. Since 1999, TitanHQ has been developing virtual appliances and cloud-based cybersecurity solutions to protect businesses from email and web-based threats. TitanHQ’s WebTitan technology protects more than 7,500 businesses from malware, ransomware, botnets, spyware, viruses, C2 callbacks, and phishing...

Read More
HealthEquity Notifies 165,800 Individuals of Email Security Breach
Nov19

HealthEquity Notifies 165,800 Individuals of Email Security Breach

HealthEquity is notifying 165,800 individuals that some of their protected health information has been exposed as a result of a email security breach. HealthEquity is a Utah-based company that provides services to help individuals gain tax advantages to offset the cost of healthcare, either through employers or health plans. Those services include health savings accounts (HSAs), health flexible spending arrangements (FSAs), limited purpose FSAs, and dependent care reimbursement accounts (DCRAs). In order to provide those services, HealthEquity has access to protected health information, some of which is communicated via email for business purposes. On October 5, 2018, HealthEquity’s security team discovered two Office 365 email accounts had been accessed by an unauthorized individual. On October 20, 2018, following an analysis of the cyberattack, HealthEquity confirmed that two employee email accounts had been breached and that those accounts contained the sensitive personal information of employees and individuals who benefited from its services through their health plan or...

Read More
Health First Phishing Attack Impacts 42,000 Customers
Nov13

Health First Phishing Attack Impacts 42,000 Customers

Health First Inc., a four-hospital Florida-based health system, experienced a hacking/IT incident earlier this year that was reported to the Department of Health and Human Services’ Office for Civil Rights on October 5. According to the OCR breach summary, 42,000 customers were affected by the breach. Further information has now been released on the nature of the breach. According to Health First, the email accounts of multiple employees were compromised in the phishing attack. The exposed protected health information was contained in the compromised email accounts. The electronic medical record system was unaffected by the attack. An investigation into the breach revealed the attackers first gained access to employee email accounts in February 2018. Those email accounts were used to conduct further phishing attacks on other Health First employees until May 2018. According to Health First, the attackers gained access to “a small number” of employee email accounts. The compromised email accounts contained a limited amount of protected health information such as names, addresses, and...

Read More
Z Services Expands Partnership with TitanHQ to Provide New Cybersecurity Service
Nov08

Z Services Expands Partnership with TitanHQ to Provide New Cybersecurity Service

The United Arab Emirates-based managed security services provider, Z Services, has expanded its relationship with TitanHQ and will be offering further TitanHQ cybersecurity solutions to its customers to protect them from web-based threats and meet compliance requirements. Earlier in 2018, Z Services partnered with TitanHQ and started offering its clients a new spam filtering solution – Z Services Anti-Spam SaaS – which was powered by TitanHQ’s spam filtering technology. The new service has proven to be a tremendous success and is helping Z Services’ clients block email-based threats such as spam, phishing emails, malware, and ransomware to keep their networks secure. The success of the new service prompted Z Services to start offering two new TitanHQ-powered solutions to its clients: A web filtering SaaS offering powered by WebTitan and a new email archiving service powered by ArcTitan. Both solutions have been combined into the Z Services MERALE solution which is focused on SMEs. MERALE offers SMEs enhanced protection against Internet threats and helps SMEs improve productivity by...

Read More
TitanHQ Chosen to Provide Wi-Fi Filtering Service to Leading Satellite Provider
Nov01

TitanHQ Chosen to Provide Wi-Fi Filtering Service to Leading Satellite Provider

The leading satellite operator, Eutelsat, has chosen TitanHQ’s WebTitan Cloud for Wi-Fi to secure its Wi-Fi networks and create at safe and secure environment for employees and guests to access the Internet. Eutelsat is one of the world’s largest satellite operators. Through its fleet of satellites Eutelsat offers organizations, businesses, and governments video, data, and broadband services. Eutelsat has global coverage and serves more than 150 countries throughout Europe, the Middle East, and Africa. Eutelsat has offices in 44 countries and employs more than 1,000 operational, commercial, and technical professionals. To meet the needs of its workforce and provide Internet access to guests, Eutelsat has deployed Wi-Fi access points throughout its offices. To ensure the Internet can be accessed safely and securely by all users, Eutelsat needed to deploy a Wi-Fi security solution that was capable of preventing its Wi-Fi users from visiting malicious websites such as phishing web pages and sites hosting exploit kits. Eutelsat also needed to enforce its acceptable Internet usage...

Read More
Webinar: TitanHQ and Datto Networking Discuss Enhanced Web Content Filtering
Oct17

Webinar: TitanHQ and Datto Networking Discuss Enhanced Web Content Filtering

Earlier this year, spam and web filtering solution provider TitanHQ partnered with Datto Networking, the leading provider of MSP-delivered IT solutions to SMBs. The new partnership has allowed Datto to enhance security on the Datto Networking Appliance with enterprise-grade web filtering technology supplied by TitanHQ. The new web filtering functionality allows users of the appliance to carefully control the web content that can be accessed by employees and guests and provides superior protection against the full range of web-based threats. TitanHQ and Datto Networking will be holding a webinar that will include an overview of the solution along with a deep dive into the new web filtering functionality. Webinar Details: Datto Networking & Titan HQ Deliver Enhanced Web Content Filtering Date: Thursday, October 18th Time: 11AM ET | 8AM PT | 4PM GMT/BST Speakers: John Tippett, VP, Datto Networking Andy Katz, Network Solutions Engineer Rocco Donnino, EVP of Strategic Alliances, TitanHQ Click here to register for the...

Read More
Most Common Healthcare Phishing Emails Identified
Oct16

Most Common Healthcare Phishing Emails Identified

A new report by Cofense has revealed the most common healthcare phishing emails and which messages are most likely to attract a click. The 2018 Cofense State of Phishing Defense Report provides insights into susceptibility, resiliency, and responses to phishing attacks, highlights how serious the threat from phishing has become, and how leading companies are managing risk. The high cost of phishing has been highlighted this week with the announcement of a settlement between the HHS’ Office for Civil Rights and Anthem Inc. The $16 million settlement resolved violations of HIPAA Rules that led to Anthem’s 78.8 million record data breach of 2015. That cyberattack started with spear phishing emails. In addition to the considerable cost of breach remediation, Anthem also settled a class action lawsuit related to the breach for $115 million. Even an average sized breach now costs $3.86 million to resolve (Ponemon/IBM Security, 2018). Previous Cofense research suggests that 91% of all data breaches start with a phishing email and research by Verizon suggests 92% of malware infections...

Read More
Healthcare Industry Highly Susceptible to Phishing Attacks and Lags Other Industries for Phishing Resiliency
Oct02

Healthcare Industry Highly Susceptible to Phishing Attacks and Lags Other Industries for Phishing Resiliency

The healthcare industry is extensively targeted by phishers who frequently gain access to healthcare data stored in email accounts. In some cases, those email accounts contain considerable volumes of highly sensitive protected health information. Phishing is one of the leading causes of healthcare data breaches. In August 2018, Augusta University Healthcare System announced that it was the victim of a phishing attack that saw multiple email accounts compromised. The breached email accounts contained the PHI of 417,000 patients. The incident stood out due to the number of individuals impacted by the breach, but it was just one of several healthcare organizations to fall victim to phishing attacks in August. Data from the HHS’ Office for Civil Rights shows email is the most common location of breached PHI. In July, 14 healthcare data breaches out of 28 involved email, compared to 6 network server PHI breaches – The second most common location of breached PHI. It was a similar story in May and June with 9 and 11 email breaches reported respectively. Cofense Research Shows Healthcare...

Read More
JotForm Announces Enterprise Version of its Encrypted HIPAA Forms Software
Sep20

JotForm Announces Enterprise Version of its Encrypted HIPAA Forms Software

Jotform has announced that it has released an enterprise version of its HIPAA forms software to allow large healthcare organizations to collect and manage data more efficiently. JotForm is a leading developer of online form software and has more than four million users worldwide. The company’s software solution has been adopted by many enterprises for creating a wide range of data collection forms, although up until now, they were required to use multiple accounts within the same organization. In order to centralize and simplify data collection, the company developed a product to specifically meet the needs of enterprises. Enterprise users can now manage all of their data through a single umbrella account. JotForm Enterprise has no submission limits nor restrictions on the number of forms that can be created and used. The solution includes custom domains for forms, white-labeling for branding purposes, and a suite of management tools. Earlier in 2018, JotForm announced that it is now a HIPAA forms software provider and will sign business associate agreements with healthcare...

Read More
Email Security Breaches Reported by Hopebridge (IN) and United Methodist Homes (NY)
Sep14

Email Security Breaches Reported by Hopebridge (IN) and United Methodist Homes (NY)

Hopebridge, an Indiana-based network of 28 autism treatment centers throughout the Midwest, has discovered it has been the victim of a phishing attack that has potentially resulted in an unauthorized individual gaining access to the protected health information (PHI) of its patients. A security breach was detected on July 19, 2018 prompting a thorough investigation. A leading third-party computer forensics firm was engaged to assess the nature and scope of the breach and all accounts and systems were immediately secured to lock out the attacker. The investigation revealed several employees had been fooled by phishing emails that had been sent between March and July 2018. Several email accounts were compromised as a result of employees’ responses to those emails. An analysis of the compromised email accounts revealed they contained a limited amount of patients’ PHI – Their names, the services they received from Hopebridge, and an inferred autism diagnosis. The results of the forensic investigation suggest that it was not the intention of the attacker to gain access to PHI, instead...

Read More
Updates to Cofense Phishing Simulation Platform Add Even More Opportunities for Automation
Aug23

Updates to Cofense Phishing Simulation Platform Add Even More Opportunities for Automation

Cofense has announced that further updates have been made to its award-winning phishing email simulation platform, Cofense PhishMe. The updates provide even greater opportunities for automating phishing simulation campaigns to save administrators even more time. Security awareness and anti-phishing training is now an important part of healthcare organizations’ cybersecurity programs. In addition to investing in technology to block phishing and other email-based threats, end users require training. Even layered defenses will not stop all phishing threats from reaching inboxes. Without training, end users will remain the weakest link in the security chain. Phishing simulation exercises are an important part of the training process. They allow security teams to assess how effective their training programs have been and identify weak points in the training program. They also allow security teams to identify individuals who have failed to understand certain parts of the training program. While phishing simulation platforms include some opportunities for automation and scheduling,...

Read More
Arnot Health Reduces ER Door-to-Floor Times by 36% with QliqSOFT
Aug10

Arnot Health Reduces ER Door-to-Floor Times by 36% with QliqSOFT

Arnot Health has implemented a new communications solution that has improved communication efficiency, slashed the time it takes to transfer patients from the emergency room to new units, and has improved both the level of care provided to patients and staff satisfaction. Arnot Health runs a 475-bed health system in southern New York State and constantly evaluates the healthcare services it provides to patients and searches for new opportunities to improve patient care. One area where there was considerable room for improvement was the admissions process, especially in its emergency department. “The amount of time it was taking to align all the appropriate resources was causing delays, and nobody wants to sit in an ER longer than they need to,” said Mike Connor, director of business information systems at Arnot Health. “We recognized an opportunity in the admissions process to greatly improve patient and staff satisfaction by eliminating the old school way of handling admissions and embracing a more mobile approach.” While many patients can be treated in the...

Read More
Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform
Jul30

Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform

Cofense has developed a new product which will soon be added to its portfolio of anti-phishing solutions for healthcare organizations and incorporated into its phishing-specific security orchestration, automation and response (SOAR) platform. The announcement comes at a time when the healthcare industry has been experiencing an uptick in phishing attacks. The past few months have seen a large number of healthcare organizations fall victims to phishing attacks that have resulted in cybercriminals gaining access to employee’s email accounts and the PHI contained therein. Perimeter security defenses can be enhanced to greatly reduce the number of malicious emails that reach employees’ inboxes, but even when multiple security solutions are deployed they will not block all phishing threats. Security awareness training is essential to reduce susceptibility to phishing attacks by conditioning employees to stop and think before clicking links in emails or opening questionable email attachments and to report suspicious emails to their security teams. However, security teams can struggle to...

Read More
TitanHQ Expands Executive Team with Appointment of Rocco Donnino as VP of Strategic Alliances
Jul04

TitanHQ Expands Executive Team with Appointment of Rocco Donnino as VP of Strategic Alliances

TitanHQ, the Galway, Ireland-based provider of spam filtering, web filtering, and email archiving solutions, has announced the appointment of Rocco Donnino to its executive team. TitanHQ has been experiencing impressive growth over the past three years and has doubled its staff to meet demand and provide support for its customers. To accommodate growth in the United States, TitanHQ has recently opened a new office in New York and has expanded its offices in Florida, now taking up all three floors of the Mazars Building. In the past 12 months, TitanHQ has formed new strategic partnerships with industry heavyweights such as Microsoft, Comcast, Datto, Kaseya, BitDefender, and ViaSat and now provides email and web security services to more than 7,500 businesses around the world. To help continue its impressive growth trajectory, TitanHQ has now appointed Rocco Donnino as its Executive Vice President of Strategic Alliances – a new position created to help ensure the continued expansion of the company’s strategic partnerships. Rocco Donnino has been charged with growing the firm’s...

Read More
Acumera Partners with TitanHQ to Offer Web Filtering to Customers
Jun26

Acumera Partners with TitanHQ to Offer Web Filtering to Customers

The Galway, Ireland-based cybersecurity firm TitanHQ has announced the formation of a new partnership with the Austin, TX-based managed services provider Acumera. Acumera is a leading provider of managed network security services in the United States. Securing widely distributed networks consisting of hundreds or thousands of locations is one of the main strengths of Acumera, with the managed services provider able to meet the unique connectivity, operational, and data security challenges that these large networks create. The company offers network security, connectivity, and visibility services for a wide range of industry sectors. Acumera has been chosen by many healthcare provider networks who have chosen to outsource cybersecurity and provides network security services for drug stores, automated parking garages, and has secured the POS systems and networks of some of the best-known retailers in the United States, including 7-Eleven, Circle K, Subway, Valero service stations, Benetton, and Pluckers. One area where Acumera’s managed services required a boost was web filtering,...

Read More
CSO Online Rates Cofense Triage One of Best Security Software Solutions of 2018
Jun15

CSO Online Rates Cofense Triage One of Best Security Software Solutions of 2018

Cofense Triage, the phishing incident response platform, has been included in CSO Online’s 2018 list of the best security software solutions of 2018. To produce the list, CSO Online conducted independent reviews of a wide range of software solutions. Strict review methodologies were used to select the best security products currently on the market. Each product was researched to find out how it worked, how the solution could be deployed in customer environments, the benefits it provided, and the major problems that the solution resolved. The review was based on the top technology areas for security identified by Gartner, which included cloud workload protection platforms, remote browsers, deception technologies, endpoint detection and response platforms, network traffic analysis solutions, managed detection and response services, microsegmentation solutions, cloud access security brokers, OSS security scanning services for DevSecOps, and container security. CSO Online tested all security solutions in a dedicated lab environment with each tested, where appropriate, against some of...

Read More
TitanHQ Integrates Web Security into Datto’s Networking Suite
Jun13

TitanHQ Integrates Web Security into Datto’s Networking Suite

TitanHQ, the leading provider of email and web security solutions for SMBs, has formed a strategic alliance with the networking giant Datto and will be providing its innovative cloud-based web filtering solution to Datto MSPs. Norwalk, CT-based Datto is primarily a data backup, disaster recovery, and business continuity service provider. The company’s mission is to provide SMBs with the highest quality enterprise-level technology to protect their businesses and networks. Datto achieves this through its managed service provider (MSP) partners, giving them access to software solutions to ensure their clients are well protected. The company was acquired by Vista Equity Partners in 2017 and merged with New York-based Autotask and now has offices in 21 locations in the United States, Canada, China, Denmark, Netherlands, Germany, Singapore, Australia, and the UK. The company employs more than 1,300 staff and is the world’s leading provider of MSP-delivered IT solutions. TitanHQ Integrates Web Filtering Solution into Datto’s Networking Range Galway-based TitanHQ is an award-winning...

Read More
Cofense Launches Free Tool That Checks for SaaS Applications Using Corporate Domains
Jun08

Cofense Launches Free Tool That Checks for SaaS Applications Using Corporate Domains

The anti-phishing solution provider Cofense has launched a new tool that allows organizations to check what Software-as-a-Service (SaaS) applications have been registered by employees using corporate domains. The tool identifies configured cloud services, allowing security teams to check which SaaS applications are in use and take action over unauthorized use of cloud applications by employees. The solution will query a corporate domain against a list of commonly used SaaS applications and will return a list of all SaaS applications that are in use, highlighting applications that have been provisioned without prior approval from the IT department. A file can be downloaded detailing all SaaS applications in use which can be compared with future scans to identify new SaaS applications that have been provisioned since the last time the query was run. Shadow IT introduces risks, yet IT departments are often unaware of employees’ activities. Many companies are in the dark about the software used by their employees and the cloud services registered using company domains. This new service...

Read More
Cofense Triage Now Helping ADT Protect its Customers from Phishing Attacks
May16

Cofense Triage Now Helping ADT Protect its Customers from Phishing Attacks

Cofense has announced it has partnered with the monitored security and interactive business automation solution provider ADT. ADT provides cybersecurity solutions to enterprises and mid-sized companies throughout the United States and Canada. The firm’s managed detection and response services allow businesses to mitigate cyber threats in real-time before they lead to a data breach. Perimeter defenses only go so far. They will block the majority of cyber threats, although no solution is capable of preventing all phishing emails from reaching inboxes. It is therefore essential for organizations to have a solution in place to allow phishing attacks to be mitigated in real time. The partnership will see Cofense Triage incorporated into ADT’s unified platform for organizing, managing, and collecting cyber intelligence. Cofense Triage is the industry’s first phishing-specific automated incident response platform. The platform provides security teams with detailed information on phishing attacks in real-time, helping them separate attacks in progress from the background noise and...

Read More
Warnings Issued Over Vulnerable Medical Devices
May14

Warnings Issued Over Vulnerable Medical Devices

Warnings have been issued by the Department of Homeland Security’s (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) about vulnerabilities in several medical devices manufactured by Silex Technology, GE Healthcare, and Phillips. If the vulnerabilities were to be exploited, an unauthorized individual could potentially take control of the devices. Phillips Brilliance CT Scanners In early May, Phillips alerted the National Cybersecurity and Communications Integration Center (NCCIC) about security vulnerabilities affecting its Brilliance CT scanners. Phillips has been working to remediate the vulnerabilities and has been working with DHS to alert users of its devices to help them reduce risk. There have been no reports received to suggest any of the vulnerabilities have been exploited in the wild. Three vulnerabilities have been discovered to affect the following scanners: Brilliance 64 version 2.6.2 and below Brilliance iCT versions 4.1.6 and below Brillance iCT SP versions 3.2.4 and below Brilliance CT Big Bore 2.3.5 and below See ICS-CERT advisory...

Read More
Spate of Phishing Attacks on Healthcare Organizations Sees 90,000 Records Exposed
May10

Spate of Phishing Attacks on Healthcare Organizations Sees 90,000 Records Exposed

The past few weeks have seen a significant rise in successful phishing attacks on healthcare organizations. In a little over four weeks there have been 10 major email hacking incidents reported to the Department of Health and Human Services’ Office for Civil Rights, each of which has resulted in the exposure and potential theft of more than 500 healthcare records. Those ten incidents alone have seen almost 90,000 healthcare records compromised. Recent Email Hacking and Phishing Attacks on Healthcare Organizations HIPAA-Covered Entity Records Exposed Inogen Inc. 29,529 Knoxville Heart Group 15,995 USACS Management Group Ltd 15,552 UnityPoint Health 16,429 Texas Health Physicians Group 3,808 Scenic Bluffs Health Center 2,889 ATI Holdings LLC 1,776 Worldwide Insurance Services 1,692 Billings Clinic 949 Diagnostic Radiology & Imaging, LLC 800 The Oregon Clinic Undisclosed   So far this year there have been three data breaches involving the hacking of email accounts that have exposed more than 30,000 records. Agency for Health Care Administration suffered a 30,000-record breach...

Read More
Cofense Expands Technology Alliance Program to Provide Organizations with Greater Visibility into Network Security
May09

Cofense Expands Technology Alliance Program to Provide Organizations with Greater Visibility into Network Security

Over the past 12 months, the anti-phishing solution provider Cofense has significantly expanded its Technology Alliance Program, increasing its partners by 50% and adding more than 10 new technical integrations in the past year. The purpose of the Technology Alliance Program is to allow partners to offer their customers a much more comprehensive solution to deal with the growing threat from phishing. Complimentary cybersecurity solution providers can concentrate on enhancing their own capabilities, while benefiting from the specialized anti-phishing technology developed by Cofense. By linking technologies together, customers of partners will be able to offer the detailed intelligence and phishing response capabilities of Cofense Triage and Cofense Intelligence. The solutions provide detailed information that can help companies make more effective decisions about the cyber threats facing their company. The integrations with technology partners also reduce the cost for customers, simplify deployments, improve efficiency, and help them optimize their cybersecurity investments. New...

Read More
TitanHQ’s WebTitan Now Available Through Kaseya IT Complete Suite
May04

TitanHQ’s WebTitan Now Available Through Kaseya IT Complete Suite

TitanHQ has announced its DNS-based web filtering solution, WebTitan, has now been integrated into Kaseya’s IT Complete platform. The integration allows MSPs serving the healthcare industry to offer their clients an additional layer of protection against web-based threats such as phishing, malware, and ransomware. Via Kaseya, managed service providers can access cybersecurity solutions from some of the biggest names in the industry, including Cisco, Dell, and Bitdefender. While the platform provides MSPs with a wide range of easy-to-deploy cybersecurity solutions, one notable absence was an MSP-friendly content filtering solution. “Security is a critical service that all MSPs must deliver. Adding WebTitan to our open ecosystem of partner solutions means our customers now have even greater access to best of breed technologies to meet the needs of their business,” said Frank Tisellano, Jr., Kaseya vice president product management and design. “With growing concerns over malware, ransomware and phishing as key threats to MSP customers, WebTitan adds a highly effective layer of...

Read More
Several Employee Email Accounts Compromised in UnityPoint Health Phishing Attack
Apr16

Several Employee Email Accounts Compromised in UnityPoint Health Phishing Attack

UnityPoint Health has discovered the email accounts of several employees have been compromised and accessed by unauthorized individuals. Access to the employee email accounts was first gained on November 1, 2017 and continued for a period of three months until February 7, 2018, when the phishing attack was detected and access to the compromised email accounts was blocked. Upon discovery of the phishing attack, UnityPoint Health engaged the services of a computer forensics firm to investigate the scope of the breach and the number of patients impacted. The investigation revealed a wide range of protected health information had potentially been obtained by the attackers, which included names in combination with one or more of the following data elements: Medical record number, date of birth, service dates, treatment information, surgical information, lab test results, diagnoses, provider information, and insurance information. The security breach has yet to appear on the Department of Health and Human Services’ breach portal, so it is currently unclear exactly how many patients have...

Read More
JotForm Announces HIPAA Compliant Form Software
Apr14

JotForm Announces HIPAA Compliant Form Software

Healthcare providers that want to collect data from patients via websites and patient portals need to develop their own forms that meet HIPAA requirements or use HIPAA compliant form software. Regardless of the option chosen, safeguards must be incorporated into forms to ensure the confidentiality and integrity of protected health information (PHI) and satisfy the requirements of the HIPAA Security Rule. Safeguards must protect PHI throughout the collection process, both at rest and in transit. Collecting information using physical forms is practical in certain situations, although that places an administrative burden on employees who must enter form data into hospital systems. Transitioning to digital forms improves efficiency. Patients can complete prescription fill requests online, provide updates to their medical histories, and make online online. Healthcare providers can also create digital onboarding forms to efficiently sign up new patients, obtain consent forms, and create online questionnaires. Healthcare providers can avoid headaches by using third-party HIPAA compliant...

Read More
Lack of Security Awareness Training Leaves Healthcare Organizations Exposed to Cyberattacks
Apr09

Lack of Security Awareness Training Leaves Healthcare Organizations Exposed to Cyberattacks

A recent study conducted by the Ponemon Institute on behalf of Merlin International has revealed healthcare organizations are failing to provide sufficient security awareness training to their employees, which is hampering efforts to improve their security posture. Phishing is a major security threat and the healthcare industry is being heavily targeted. Phishing offers threat actors an easy way to bypass healthcare organizations’ security defenses. Threat actors are now using sophisticated tactics to evade detection by security solutions and get their emails delivered. Social engineering techniques are used to fool employees into responding to phishing emails and disclose their login credentials or install malware. Phishing is used in a high percentage of cyberattacks on healthcare organizations. Research conducted by Cofense (formerly PhishMe) suggests as many as 91% of cyberattacks start with a phishing email. While security solutions can be implemented to block the majority of phishing emails from being delivered to end users’ inboxes, it is not possible to block 100% of...

Read More
Cofense Enhances Security Awareness and Employee Conditioning Solutions
Apr07

Cofense Enhances Security Awareness and Employee Conditioning Solutions

Cofense has announced it has made several enhancements to its phishing training, simulation, and response platform to make it even easier for companies to improve their defenses against phishing attacks – The number one cybersecurity threat faced by organizations in the healthcare sector. While technological anti-phishing solutions can reduce the volume of malicious emails that are delivered to end users’ inboxes, some phishing emails will still be delivered. It is therefore essential – and a requirement of HIPAA – for employees to receive training to help them identify phishing threats. Research conducted by Cofense has shown that organizations can reduce susceptibility to phishing attacks by up to 95% through security awareness training, when training is reinforced with phishing simulations. The Cofense PhishMe training and phishing simulation platform helps organizations improve the security awareness of their employees and conditions them to respond appropriately when potentially malicious messages are received. In addition to regular additions to the library of training...

Read More
Cofense Reporter for Mobile Launched to Accelerate Reporting of Phishing Attacks
Apr05

Cofense Reporter for Mobile Launched to Accelerate Reporting of Phishing Attacks

Cofense Reporter, the phishing email reporting solution used on more than 11 million endpoints to report phishing attacks in progress, has now been released in a mobile-friendly format. The solution allows employees to report phishing attacks, regardless of the device used to check work emails. The HIPAA Security Rule requires covered entities to provide security awareness training to employees to help prevent the exposure or theft of protected health information. Training helps employees to recognize phishing threats before they lead to a data breach. Since phishing emails are likely to be sent to multiple employees, security teams need to act quickly when a phishing attack is identified. A solution that allows phishing emails to be reported by employees will help to increase the speed at which threats can be mitigated. Cofense’s solution – Cofense Reporter – allows employees to report phishing emails with a single click of the mouse. The emails are sent to security teams allowing all other instances of the email to be rapidly removed from employees’ inboxes. Phishing email...

Read More
Verizon PHI Breach Report Confirms Healthcare Has Major Problem with Insider Breaches
Apr03

Verizon PHI Breach Report Confirms Healthcare Has Major Problem with Insider Breaches

Verizon has released its annual Protected Health Information Breach Report which delves deep into the main causes of breaches, why they occur, the motivations of internal and external threat actors, and the main threats to the confidentiality, integrity, and availability of PHI. For the report, Verizon analyzed 1,368 healthcare data breaches and incidents where protected health information (PHI) was exposed but not necessarily compromised. The data came from 27 countries, although three quarters of the breached entities were based in the United States where there are stricter requirements for reporting PHI incidents. In contrast to all other industry sectors, the healthcare industry is unique as the biggest security threat comes from within. Insiders were responsible for almost 58% of all breaches with external actors confirmed as responsible for just 42% of incidents. The main reason for insider breaches is financial gain. PHI is stolen to commit identity theft, credit card fraud, insurance fraud, and tax fraud. Verizon determined that 48% of all internal incidents were conducted...

Read More
QliqSOFT Launches Snap & Fax Service to Integrate Faxing Capability into its Secure Messaging App
Mar30

QliqSOFT Launches Snap & Fax Service to Integrate Faxing Capability into its Secure Messaging App

The secure messaging platform provider QliqSOFT has launched a new clinical collaboration solution that allows physicians and nurses to integrate their current medical fax solution into their daily mobile-focused workflow. Faxing may now be an antiquated method of communication, but faxes are still extensively used in healthcare to send important patient information and are an integral part of healthcare workflows. While alternative communications services have been widely adopted in other industries, faxing still accounts for approximately three quarters of all medical communications in healthcare. The new QliqSOFT service, named Snap & Fax, brings faxing into the modern era. The service allows healthcare professionals to quickly create and fax documents directly from their mobile phones using the Qliq secure texting mobile app. The new service provides the same functions of traditional fax machines with the added convenience of sending documents directly from mobile devices and not having to print out or scan documents. The solution is based on QliqSOFT’s Snap & Sign...

Read More
Centra Health Chooses QliqSOFT to Improve Clinical Collaboration
Mar28

Centra Health Chooses QliqSOFT to Improve Clinical Collaboration

Providing quality care to patients requires collaboration with specialists from different teams within a healthcare facility, and oftentimes with third-party healthcare providers across the country. Many of those organizations use different EHR systems which makes quick and efficient communication and collaboration a major challenge. While it is possible to communicate on the telephone and send information via email and fax, those communication channels are far from efficient. The Virginia cancer care center, Centra Health, grew frustrated with communications problems and sought a solution that could be used to document and share information about the stage of lung cancer patients’ tumors with the entire care team. Centra Health considered several secure communication platforms before opting to implement QliqSOFT’s communications solution. The platform proved to be a huge success, speeding up communication and allowing the entire care team to collaborate efficiently, eliminating phone tag and frustrating communication delays. Once the communication benefits for lung cancer patients...

Read More
Palo Alto Networks Completes Acquisition of Evident.io
Mar26

Palo Alto Networks Completes Acquisition of Evident.io

Evident.io, a leader in the field of public cloud services infrastructure protection, has been acquired by Palo Alto Networks for $300 million in cash. Palo Alto Networks is already a leader in cloud security. The company has developed its VM-Series of virtualized next-gen firewalls which provide in line cloud security, Traps provides host-based protection, and API-based security covers public cloud services infrastructure. Evident.io is also a leader in the field of cloud security. The Evident Security Platform allows organizations to proactively manage cloud security risk, reduce the attack surface, and improve security posture. The platform continuously monitors Azure and AWS deployments, assesses security risks, and provides expert guidance on remediation. Palo Alto believes that the acquisition of a leader in the field of public cloud services infrastructure protection will enable the company to strengthen its position and extend its leadership in the field. Evident.io solutions will be integrated into the Palo Alto range and will allow customers to use a single approach to...

Read More
Healthcare Data Breach Statistics
Mar20

Healthcare Data Breach Statistics

We have compiled healthcare data breach statistics from October 2009 when the Department of Health and Human Services’ Office for Civil Rights first started publishing summaries of healthcare data breaches on its website. The healthcare data breach statistics below only include data breaches of 500 or more records as smaller breaches are not published by OCR. The breaches include closed cases and breaches still being investigated by OCR. Our healthcare data breach statistics clearly show there has been an upward trend in data breaches over the past 9 years, with 2017 seeing more data breaches reported than any other year since records first started being published. There have also been notable changes over the years in the main causes of breaches. The loss/theft of healthcare records and electronic protected health information dominated the breach reports between 2009 and 2015, although better policies and procedures and the use of encryption has helped reduce these easily preventable breaches. Our healthcare data breach statistics show the main causes of healthcare data breaches...

Read More
SafeDNS Partners with Internet Watch Foundation
Mar18

SafeDNS Partners with Internet Watch Foundation

The web filtering platform provider SafeDNS has been helping consumers and businesses control the content that can be accessed via their wired and wireless networks since 2013. SafeDNS is already a ‘Friendly WiFi’ accredited company and its solutions ensure minors can access the Internet safely and securely and avoid sexual content and other age-inappropriate websites. Now the Alexandria, VA-based firm has announced it has partnered with the Internet Watch Foundation (IWF), and through membership with the organization, has taken another step toward making the Internet a cleaner and safer place. The IWF is a not-for-profit organization committed to cleaning up the Internet and removing images and video content of child abuse, child pornography, and other criminally obscene website content. The organization searchers for images of child abuse and allows Internet users to anonymously report any websites, webpages, and forums where such images are hosted. The IWF plays a major role in taking down the content and helps to bring the perpetrators to justice. The IWF also maintains a Child...

Read More
NH-ISAC Partnership with Anomali Helps Accelerate Threat Detection and Information Sharing in Healthcare
Mar17

NH-ISAC Partnership with Anomali Helps Accelerate Threat Detection and Information Sharing in Healthcare

Anomali has partnered with the National Health Information Sharing and Analysis Center (NH-ISAC) and will be providing threat intelligence to healthcare organizations through NH-ISAC. Anomali will be providing NH-ISAC with the required tools and infrastructure to allow its members to collaborate and share threat intelligence with other members. Anomali will be providing up to date threat intelligence on new and current external threats specific to the healthcare industry allowing NH-ISAC members to take proactive steps to minimize risk. Anomali’s early warning system helps healthcare organizations respond to threats quickly when suspicious activity is detected on a network. NH-ISAC members include hospitals, health insurers, medical research institutions, pharma companies, ambulatory providers, medical device manufacturers and other healthcare stakeholders. NH-ISAC community members help each other use physical and cyber threat intelligence to inform security decisions and mitigate threats. The new collaboration between NH-ISAC and Anomali will help empower the healthcare community...

Read More
Is Google Calendar HIPAA Compliant?
Mar07

Is Google Calendar HIPAA Compliant?

Is Google Calendar HIPAA compliant? Can the time management and calendar scheduling service be used by healthcare organizations or would use of the service be considered a violation of HIPAA Rules? This post explores whether Google supports HIPAA compliance for the Google Calendar service.   Google Calendar was launched in 2006 and is part of Google’s G Suite of products and services. Google Calendar could potentially be used for scheduling appointments, which may require protected health information to be added. Uploading any protected health information to the cloud is not permitted by the HIPAA Privacy Rule unless certain HIPAA requirements have first been satisfied. A risk analysis must be conducted to assess potential risks to the confidentiality, integrity, and availability of ePHI. Risks must be subjected to a HIPAA-compliant risk management process and reduced to an acceptable level. Access controls must be implemented to ensure that ePHI can only be viewed by authorized individuals, appropriate security controls must be in place to prevent unauthorized disclosures, and an...

Read More
SonicWall Cyber Threat Report 2018 Shows 71% Decrease in Ransomware Attacks
Mar06

SonicWall Cyber Threat Report 2018 Shows 71% Decrease in Ransomware Attacks

The SonicWall Cyber Threat Report 2018 published this week indicates the volume of ransomware attacks has fallen considerably over the course of the past year, dropping from 638 million attacks in 2016 to 184 million attacks in 2017. While the fall of more than 71% is certainly good news, there has been a notable rise in the ransomware variants used and a sizeable increase in the use of other malware. Between 2016 and 2017 there was a 101.2% rise in ransomware variants in use. SonicWall Captured 2,855 unique ransomware variants in 2017 and reports an 18.4% increase in malware attacks. In 2017, the number of malware attacks rose to 9.32 billion. Ransomware attacks may be down year-over-year, but SonicWall predicts the number of attacks will rise in 2018, albeit targeting different devices. IoT and mobile attacks are likely to become much more common in 2018. SSL/TLS traffic has increased by 24% in the past year as businesses switch from HTTP to HTTPS to provide greater protection for their customers. Cybercriminals have followed suit and are increasingly using SSL/TLS encryption to...

Read More
SpamTitan v7.00 Release Sees Bitdefender Used as Primary AV Engine
Mar05

SpamTitan v7.00 Release Sees Bitdefender Used as Primary AV Engine

TitanHQ has announced the release of a new version of its leading cloud-based anti spam service. SpamTitan v7.00 includes several important updates to better protect users from malicious emails and known threats, including patches for recently discovered vulnerabilities in the ClamAV anti-virus engine. One of the notable changes in the new version is a change to the primary anti-virus engine. SpamTitan v7.00 now offers award-winning anti-malware and ransomware protection through Bitdefender. The change to the Romanian-based antivirus company is part of a growing strategic relationship with the firm that will see further collaboration over the coming weeks and months. The secondary AV engine will continue to be provided by ClamAV. TitanHQ has confirmed that support for Kaspersky AV – the primary AV engine on previous releases of SpamTitan – will stop from May 1, 2018. TitanHQ said its mission is “to provide secure, reliable and affordable security solutions to our partners and customers. Our team continually develops our product suite, implementing customer feedback and feature...

Read More
PhishMe Rebrands as Cofense and Announces Acquisition by Private Equity Syndicate
Feb26

PhishMe Rebrands as Cofense and Announces Acquisition by Private Equity Syndicate

PhishMe, the leading provider of human phishing defense solutions, has announced that from February 26, 2018, the firm will be known as Cofense. Along with the name change, the firm has announced it has been acquired by a private equity syndicate, which valued the firm at $400 million. PhishMe was formed in 2007 with the aim of developing products and services to tackle the growing threat from phishing. Employees have long been viewed as the weakest link in security, yet the human element of security defenses was often neglected. Over the years, PhishMe developed its products and services to help companies improve their last line of defense and turn security liabilities into security assets. PhishMe has helped thousands of organizations improve their defenses against phishing through training and phishing simulations. The firm has also developed a range of associated products and services including a reporting platform that has now been adopted by more than 2 million users, as well as incident response and threat intelligence services. While phishing defense is still at the heart...

Read More
AJMC Study Reveals Common Characteristics of Hospital Data Breaches
Feb20

AJMC Study Reveals Common Characteristics of Hospital Data Breaches

The American Journal of Managed Care has published a study of hospital data breaches in the United States. The aim of the study was to identify common characteristics of hospital data breaches, what the biggest problem areas are, the main causes of security incidents and the types of information most at risk. The study revealed hospitals are the most commonly breached type of healthcare provider, accounting for approximately 30% of all large healthcare security incidents reported to the Department of Health and Human Services’ Office for Civil Rights by providers between 2009 and 2016. Over that 7-year time period there were 215 breaches reported by 185 nonfederal acute care hospitals and 30 hospitals experienced multiple breaches of 500 or more healthcare records. One hospital experienced 4 separate breaches in the past 7 years, five hospitals had 3 breaches, and 24 hospitals experienced 2 breaches. In addition to hospitals experiencing the highest percentage of security breaches, those breaches also resulted in the theft/exposure of the highest number of health records. While...

Read More
Barracuda Launches New Security Insight Platform
Feb15

Barracuda Launches New Security Insight Platform

The cloud security and data protection company Barracuda has launched a new Security Insight platform that offers real-time threat intelligence and security risk data on the latest threats around the world. Having visibility into the latest threats allows security teams to take proactive steps to improve their defenses against real-world threats and assess the current threat level. Via the platform, users can view summaries and detailed information on web, email, endpoint, and network attacks tracked by Barracuda. For many companies, it is only when a cyberattack and data breach occurs that they become aware of a new threat. Threat intelligence such as that provided through Barracudas Security Insight raises awareness of attacks that are currently taking place around the globe – Awareness of those threats helps businesses take action to improve their security posture. Barracuda performs large-scale analyses of data collected from a wide range of sources which is summarized and presented through the Security Insight platform. The summaries are easy to read and provide bite-sized...

Read More
January 2018 Healthcare Data Breach Report
Feb14

January 2018 Healthcare Data Breach Report

Our January 2018 Healthcare Data Breach Report details the healthcare security incidents reported to the Department of Health and Human Services’ Office for Civil Rights in January 2018. There were 21 security breaches reported to OCR in January which is a considerable improvement on the 39 incidents reported in December 2017. Last month saw 428,643 healthcare records exposed. While there was a 46.15% drop in the number of healthcare data breaches reported in January month over month, 87,022 more records were exposed or stolen than in December. January was the third consecutive month where the number of breached records increased month over month. The mean breach size in January was 20,412 records – very similar to the mean breach size in December 2017 (20,487 records). However, the high mean value was due to a particularly large breach of 279,865 records reported by Oklahoma State University Center for Health Sciences. In January, the healthcare data breaches reported were far less severe than in December. In January the median breach size was 1,500 records. In December it was...

Read More
Webroot Provides DNS Web Filtering for Guest WiFi
Feb14

Webroot Provides DNS Web Filtering for Guest WiFi

Webroot has expanded its SecureAnywhere DNS filtering service to include guest WiFi networks. The new service uses the firm’s domain layer security and content filtering service and ensures high availability of WiFi access via Webroot’s DNS global servers. Businesses are now under pressure to provide free Wi-Fi access throughout their establishment, with many customers choosing businesses based on whether WiFi access is provided. However, Wi-Fi networks can be hijacked and hacked placing customers at risk. Businesses also need to take care to ensure that their WiFi connections are not abused and used for illegal activities such as copyright infringing downloads and the accessing of criminally obscene website content. Webroot’s cloud-based SaaS has been developed to solve the problem and allows businesses to easily provide clean, safe, and secure WiFi access to guests. The solution has been developed to be easy to implement and use, even by those with little technical ability. Setting up content filtering on WiFi networks requires a minor change to DNS settings to redirect guest...

Read More
Healthcare Industry Scores Poorly on Employee Security Awareness
Feb13

Healthcare Industry Scores Poorly on Employee Security Awareness

A recent report published by security awareness training company MediaPro has revealed there is still a lack of preparedness to deal with common cyberattack scenarios and privacy and security threats are still not fully understood by healthcare professionals. For MediaPro’s 2017 State of Privacy and Security Awareness Report, the firm surveyed 1,009 US healthcare industry employees to assess their level of security awareness. Respondents were asked questions about common privacy and security threats and were asked to provide answers on several different threat scenarios to determine how they would respond to real world threats. Based on the responses, MediaPro assigned respondents to one of three categories. Heroes were individuals who scored highly and displayed a thorough understanding of privacy and security threats by answering 93.5%-100% of questions correctly. Novices showed a reasonable understanding of threats, answering between 77.4% and 90.3% of answers correctly. The lowest category of ‘Risks’ was assigned to individuals with poor security awareness, who scored 74.2% or...

Read More
Barracuda Acquired by Thoma Bravo in $1.6 Billion Deal
Feb12

Barracuda Acquired by Thoma Bravo in $1.6 Billion Deal

The cloud security and data protection firm Barracuda Networks Inc., has been acquired by the private equity investment firm Thoma Bravo in a deal worth $1.6 billion. Financing for the acquisition was provided by Goldman Sachs & Co. LLC, Credit Suisse, and UBS Investment Bank. Barracuda will continue to operate as a privately held company. Barracuda shareholders will receive $27.55 per share of common stock they hold. “Thoma Bravo has an excellent history of investing in growing security businesses, and this transaction speaks to the value and strength of Barracuda’s security platform, which helps customers protect and manage their networks, applications, and data. I expect that our employees, customers, and partners will benefit from this partnership,” said BJ Jenkins, chief executive officer of Barracuda. Barracuda currently protects more than 150,000 customers from email, web, and network attacks with its platform used to protect workloads and applications from the full range of malicious attacks. Its cybersecurity solutions can be centrally managed in...

Read More
PhishMe (Now Cofense) Wins Five Cybersecurity Awards
Feb10

PhishMe (Now Cofense) Wins Five Cybersecurity Awards

PhishMe (now Cofense) has collected five 2018 Cybersecurity Excellence Awards for its phishing defense solutions. The Cybersecurity Excellence Awards program is produced by Cybersecurity Insiders in partnership with the Information Security Community on LinkedIn. The awards program recognizes excellence in the field of cybersecurity with awards being given to companies that have demonstrated excellence, leadership, and innovation in information security. This year there were more than 400 entries across 70 different categories. The awards winners were selected based on the strength of their nominations and members of the Information Security Community are required to vote for their best loved products and services. The finalists for the awards were announced on February 1 and the winners on February 7. To even be named as a finalist confirms that a company has developed exceptional products and services that help businesses protect their networks and data against cyberattacks. Cybersecurity Insiders notes that “All winners and finalists reflect the very best in today’s...

Read More
Symantec Offers Solution for Filtering Uncategorized Websites
Feb06

Symantec Offers Solution for Filtering Uncategorized Websites

Organizations that have implemented URL filtering to control the websites that employees are allowed to access can easily filter websites by category. However, not all websites are categorized, which creates a problem with URL filtering. Without a category, applying category controls is not possible. Now, Symantec has offered a solution to the problem. When new websites are created it takes time for categories to be applied and the lag poses problems for URL filtering. The solution chosen by many organizations has been an all or nothing approach. Block all uncategorized websites or allow them to be accessed. When a category is assigned to the sites, they will be subjected to standard filtering controls. The allow all approach could permit malicious websites to be accessed, while the deny all approach means potentially useful websites will be unnecessarily blocked. While IT departments may be willing to accept the latter, it can result in an increase in support calls to the helpdesk. The Blue Coat Web Filter URL database is comprehensive, although the same problem with uncategorized...

Read More
TitanHQ Partners with HTG Peer Groups
Feb04

TitanHQ Partners with HTG Peer Groups

At the HTG Peer Groups Q1 quarterly meeting in Las Vegas, TitanHQ, the leading provider of cloud-based web filtering and anti-spam solutions, announced it has partnered with HTG: The international coaching, consulting, and peer group organization. The new partnership sees TitanHQ become a Gold vendor, with its cybersecurity solutions made instantly available to HTG community members. HTG was formed in 2000 with the aim of helping businesses expand and realize their full potential. HTG consultants provide insights and share wisdom with business leaders to help them create the accountability and structure necessary to make their businesses a success. Through HTG, business leaders can maximize their potential using tried and tested strategic systems. The path to profitability and success inevitably involves some setbacks and having a partner to provide support and guidance through difficult times can make a big difference. Many companies also require help to avoid common problems: problems that can cause significant, and sometimes catastrophic, losses. One area of concern voiced by...

Read More
Phishing Attack on Business Associate Exposes Forrest General Hospital Patients’ PHI
Feb02

Phishing Attack on Business Associate Exposes Forrest General Hospital Patients’ PHI

The management consulting company HORNE LLP, a business associate of Forrest Health’s Forrest General Hospital, is notifying certain hospital patients that some of their protected health information (PHI) has potentially been obtained by a third party after access was gained to the email account of one of its employees. HORNE provides certain Medicare reimbursement services to Forrest General Hospital and as such, requires access to patients’ PHI. HORNE became aware of an email account breach on November 1, 2017 when it discovered the email account of an employee was being used to send phishing emails. The discovery prompted the shut down of the email account and an investigation into a potential breach was launched. That investigation revealed an unauthorized individual had gained access to the employee’s email account the previous day as a result of the employee responding to a phishing email. The phishing attack was investigated by a third-party investigator to determine the nature and extent of the breach and whether the PHI of any patients had been exposed. The investigation...

Read More
Analysis of Healthcare Data Breaches in 2017
Jan24

Analysis of Healthcare Data Breaches in 2017

A summary and analysis of healthcare data breaches in 2017 has been published by Protenus. Data for the report is obtained from Databreaches.net, which tracks healthcare data breaches reported to OCR, the media, and other sources. The 2017 breach report gives an indication of the state of healthcare cybersecurity.  So how has 2017 been? There Were at Least 477 Healthcare Data Breaches in 2017 In some respects, 2017 was a good year. The super-massive data breaches of 2015 were not repeated, and even the large-scale breaches of 2016 were avoided. However, healthcare data breaches in 2017 occurred at rate of more than one per day. There were at least 477 healthcare data breaches in 2017 according to the report. While all those breaches have been reported via one source or another, details of the nature of all the breaches is not known. It is also unclear at this stage exactly how many healthcare records were exposed. Numbers have only been obtained for 407 of the breaches. There was a slight increase (6%) in reported breaches in 2017, up from 450 incidents in 2016. However, there was...

Read More