Kaiser Permanente: Data breach may impact 13.4 million patients
Also Inside=>Cyber attack on a university in Sweden | Unauthorized access at a financial service in Australia| Cyber attack on a cloud provider in the USA | Cyber attack on a pharmacy chain in Canada
Music of the week
The healthcare industry has experienced a surge in security breaches, with a record-breaking 725 significant incidents reported last year, according to the HIPAA Journal. Notably, among these breaches, a cyberattack in February targeted the payments processing vendor Change Healthcare, resulting in substantial financial ramifications. According to parent company UnitedHealth's first-quarter earnings report, the breach incurred costs of $872 million and caused disruptions to Change Healthcare's electronic operations, impacting numerous hospitals and medical practices nationwide.
Kaiser Permanente Reports Data Breach, Millions Potentially Affected
In a recent announcement, Kaiser Permanente, the prominent healthcare entity serving the Bay Area, has disclosed a data breach that could have far-reaching consequences for its customers. The breach, reported on Monday, indicates that personal information may have been inadvertently transmitted to third-party technology companies, including Google and X (formerly Twitter), through web cookies when users accessed Kaiser Permanente's websites or mobile applications.
The compromised data primarily encompasses IP addresses and search terms utilized while individuals were logged into their Kaiser Permanente accounts or services. However, reassuringly, sensitive information such as usernames, passwords, Social Security numbers, and financial account details were not part of the breach.
Approximately 13.4 million current and former members are now being notified about the incident. Despite Kaiser Permanente's assertion that there is no evidence of personal information misuse, the company is taking proactive measures and extending apologies for any inconvenience caused by the breach.
In a filing with federal authorities on April 12, Kaiser Foundation Health Plan disclosed the unauthorized access to its network server and confirmed that an internal investigation into the breach is underway.
Photo of the Week
The photo below explains how twitter was hacked.
Incidents from around the world
Umeå University is the subject of a major cyberattack. Västerbottens län, Sweden. On May 2, 2024. On 2 May, ITS detected an ongoing cyberattack against the University. Extra security measures have been put in place, leading to some disruption to systems and digital tools used by university staff and students.
Extensive work is underway to stop the cyberattack and carry out troubleshooting and other measures together with external specialists. {aurora.umu.se}
Firstmac hackers claim tax file numbers. Queensland, Australia. On April 30, 2024. Lender Firstmac has been hacked, with customer tax file numbers and dates of birth among the information stolen.Brisbane-based Firstmac, which gathers deposits and makes home loans, revealed the attack in an email to customers on Tuesday morning.{afr.com}
No data leakage found yet as Arts Development Council condemns cyber attack. Hong Kong, People's Republic of China. On April 30, 2024. The Hong Kong Arts Development Council condemned a cyber security incident discovered last Friday (Apr 26) which caused some operational disruptions and said no leakage or misuse of any data has been found yet. “HKADC has activated its emergency response system to block further intrusion and appointed cyber securit experts to conduct a thorough system inspection and recovery and conduct an assessment on the impact of the incident,” the statement issued on Monday read. {thestandard.com.hk}
Cyber attack on Lucid Link- cloud service provider. San Francisco, California, USA On April 30, 2024. We have confirmed a malicious attempt against our core metadata service. No file data prior to the last backup before the outage was lost and no personal or corporate information was leaked. The metadata service now needs to be restored from our backups. As a result, there is a slight chance that a few hours of work from the point of the last backup to when the attack shut down the service will be unrecoverable. {lucidlink.com/status}
Cyber attack on a pharmacy chain in Canada. Richmond, British Columbia, Canada. On April 28, London Drugs discovered that it was the victim of a cybersecurity incident. Out of an abundance of caution, London Drugs is temporarily closing stores across Western Canada until further notice. Upon discovering the incident, London Drugs immediately undertook countermeasures to protect its network and data, including retaining leading third-party cybersecurity experts to assist with containment and remediation.{Facebook.com/londondrugs}
Cybercrime and Human Factors.
From teenage cyber-thug to Europe’s most wanted
Finland- A notorious hacker who was one of Europe’s most wanted criminals has been jailed for blackmailing 33,000 therapy patients with their stolen session notes.
Julius Kivimäki's imprisonment brings to an end an 11-year cyber-crime spree that started when he rose to prominence in a network of anarchic teenage hacking gangs at the age of just 13. {BBC}
Employees who fell for it - Cybercrime/fraud
A British national extradited to the US has pleaded guilty
A British national extradited to the US has pleaded guilty in New York to a role in one of the biggest hacks in social media history.
The July 2020 Twitter hack affected over 130 accounts including those of Barack Obama and Joe Biden.
Joseph James O'Connor, 23, known as PlugwalkJoe, pleaded guilty to hacking charges carrying a total maximum sentence of over 70 years in prison.
The hacking was part of a large-scale Bitcoin scam.
O'Connor, who was extradited from Spain, hijacked numerous Twitter accounts and sent out tweets asking followers to send Bitcoin to an account, promising to double their money.
{BBC}
Cybercrime and Fraud Stories
Got stories? ever been a victim of cybercrime? Share at hiasfaleia@gmail.com
Cyber Friends
Meet Zoe- A.K.A “zoe da sailer” is a member of the #PetsofCyber club. She lives in Oregon, United States. She likes water sports with canoeing being her favorite. She was referred here by Chickadee, a #CatofCyber who is a member of the #PetsofCyberClub. They met at a community fundraiser, got talking and she decided to check things out.. #PetsofCyber #DogsofCyber
Want your pets to join our #PetsofCyber club? send their photo and bio to hiasfaleia@gmail.com. You can include your social media handles if you want to get a shout!