Healthcare providers and COVID security incidents

I’ve heard on the grapevine that there are hackers out there pledging not to target healthcare institutions for the duration of this global COVID-19 pandemic.  I guess it’s only a small number in this camp, as cyber attacks against the industry have pretty much continued unabated.  Hospitals and providers remain the targets of constant attacks, and notifications to patients about security incidents are ongoing.  Tandem Diabetes Care, which manufactures medical devices for patients with diabetes, had to notify over 140,000 people about a phishing attack.  Social Security numbers and clinical information were included among the data in the compromised employee email accounts.

The numbers are less clear for University of Utah Health.  Both a phishing scheme and malware attack compelled the medical center to notify patients.  Again clinical information was among the data exposed from the compromised employee emails.  Malware was subsequently discovered as a result of the phishing investigation.

These are just two of the countless incidents that have cropped up in recent weeks.  In the US, every state has to be on the lookout for advantage-seeking cyber thieves seeking to disrupt medical operations, which are especially critical now.  As we discussed last time, there are also those who are using the coronavirus scare in their cybercrime schemes: posing as hospitals or patients to get personal information out of nervous clickers.  In these times, it’s more valuable than ever to exercise caution in what email links you click and what you’re installing on your machine.

If all of this weren’t enough, we’re now also hearing about yet another unprotected database that has been exposed and contained private information of over 200 million US citizens.  That’s more than were affected by the Equifax breach.  Totaling about 800 GB, the data contains all kinds of detailed personal, financial, even behavioral insights into its subjects.  An investigation has so far postulated that this database came from the US Census Bureau, and “belonged to a data marketing firm or a credit company,” say the analysts.

Carelessness of this magnitude is not the most helpful in light of everything going on.  I wouldn’t be surprised to hear about some of this data showing up for sale on a dark web marketplace, either in the near or far future.  I guess it just goes to show, even if there are those who vow to halt their cyber attacks during a crisis, they are few and far between.


By: Jonathan Weicher, post on March 25, 2020
Originally published at:
Copyright: NetLib Security