Get Permission
A California-based eye care provider – which also handles billing and other administrative services for a separate local surgery practice – says its online storage vendor was recently hit by hackers and paid a ransom for the return of patient data stolen from both entities. In a statement, Harvard Eye Associates says its unnamed storage vendor – after consulting with cybersecurity experts and the FBI – decided to pay the hackers in exchange for returning the data pertaining to both its practice and Alicia Surgery Center, both based in Laguna Hills, California.
Harvard Eye Associates provides billing and other administrative services for Alicia Surgery Center, both entities note in their breach notification statements. Harvard Eye uses some of our patient information in order to provide services, Alicia Surgery Centers says.
Get Permission
Many of the major health data breaches added to the federal tally so far this year involve business associates, continuing a trend in recent years.
The largest breach added so far in 2021 to the U.S. Department of Health and Human Services HIPAA Breach Reporting Tool website – which lists health data breaches affecting 500 or more individuals – is a vendor hacking incident reported on Jan. 29 by Florida Healthy Kids Corp., a provider of children s health and dental health plans in Florida.
That breach – reported as affecting 3.5 million individuals - involved Jelly Bean Communications Design, a website hosting vendor that the health plans provider says failed to address vulnerabilities over a seven-year period, leaving patient data potentially exposed. Plus, the hackers tampered with some of that data, Healthy Florida Kids Corp. said in its breach notification statement last month.
Hospitals Suffer New Wave of Hacking Attempts
News Highlights: Hospitals Suffer New Wave of Hacking Attempts.
Hackers are increasingly attempting to break into healthcare companies, putting extra pressure on an industry that is already struggling to contain the coronavirus pandemic.
Persistent threats come from ransomware gangs, financial scammers and hackers backed by nation-states, current and former hospital security chiefs say.
“The logs and the graphs show, oh man, these have increased, that’s hard to deny,” said Christopher Stroud, technology manager at Great Plains Health, a hospital in North Platte, Neb., Serving approximately 183,000 patients. one month.
Recommended
Great Plains Health normally blocks about 10,000 attempts every day to access its servers, said Mr. Stroud. After it began its first antibody studies against the coronavirus in November, it saw that number triple on average, he said. Some days 70,000 attempts have been made.
HealthcareInfoSecurity
March 25, 2021
HealthInfoSec) • January 6, 2021 Get Permission
An EHR rollout at the University of Vermont Medical Center is being delayed due to a recent ransomware incident.
The lingering aftershocks of an October ransomware attack and ongoing COVID-19 response challenges are forcing the University of Vermont Health Network to delay the next phases of an enterprisewide electronic health record rollout.
The Burlington, Vermont-based healthcare system, which includes six hospitals and other care facilities, says it will revise planned implementation of next phases of its EHR system from Epic Systems Corp, “amid the ongoing effort to respond to the COVID-19 pandemic and restore normal operations following a recent cyberattack.”