Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Transformative Healthcare announces Fallon Ambulance data breach exposed sensitive information of 911,757 customers.
Fallon ceased operations in December 2022 but is still responsible for a data storage archive that hackers targeted with ransomware. The ALPHV threat group a.k.a. BlackCat, claimed responsibility for the cyberattack.
What`s the Impact of the Fallon Ambulance Data Breach
Security experts discovered the data breach in April 2023 when hackers accessed Fallon’s archived data.
According to the breach notification the former company sent to customers, the intrusion spanned from February 17th to April 22nd, 2023. So, hackers had unauthorized access to the customers` data for over two months.
Reportedly, threat actors extracted one terabyte of data, including sensitive medical information:
- medical reports
- paramedics reports
- Social Security numbers
- COVID-19 testing and vaccination information
Additionally, the Fallon Ambulance data breach exposed names, driver’s license numbers, addresses, and bills.
The former healthcare service said for the moment there were no proofs of identity theft attempts:
While we currently have no evidence of identity theft or fraud related to your information as a result of this matter, we are notifying you to provide you with information and steps you can take to help protect your information.
Source – Transformative Healthcare notification letter
However, the stolen data are enough for malicious actors to perform online impersonation and phishing attacks.
Healthcare Services on a Hot Spot
According to Chief Health Executive, healthcare cyberattacks affected around 106 million people in 2023. John Riggi, Senior Cybersecurity Advisor for the American Hospital Association (AHA) said the latest attacks were both more effective and damaging. In his opinion
Ransomware and other cyber attacks on hospitals have evolved. The crime itself has changed from one that is financially motivated to an act that also represents a threat to life that endangers public health.
The defenses and strategies to protect against these threats, and the enforcement actions taken to punish the attackers, need to change too.
Source – John Riggi article on ransomware attacks
Additionally, AHA`s Senior Advisor for Cybersecurity says most ransomware attacks targeting healthcare services rely on exploiting unpatched known vulnerabilities.
In the battle against cybercrime, automated patch management and other XDR integrated tools are a critical part of the defense strategy.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.
- End-to-end consolidated cybersecurity;
- Complete visibility across your entire IT infrastructure;
- Faster and more accurate threat detection and response;
- Efficient one-click automated and assisted actioning
