The number of healthcare breaches nearly tripled with a fourfold increase in the number of records compromised.
The massive increase was primarily due to ransomware attacks include a massive attack on Blackbaud, which provides cloud services, financial management and analytics for a large number of non-profit organizations including foundations, universities, hospitals and healthcare organizations.
According to Databreaches.net the total number of healthcare organizations is not yet clear, but at last count at least 80 healthcare organizations are known to have been affected covering more than 10 million patient records, since the breach was first made public in July.
According to TheNonProfitTimes Blackbaud knew there was a problem by May 14, 2020, when there was a suspicious log-in on an internal server. The company’s cybersecurity team tracked the hackers, and found them to be very skilled as the hackers evaded some of the investigators attempts to block them.
“The attack was sophisticated enough that it initially looked like legitimate customer activity," a company quoted by TheNonProfitTimes. "When it escalated, the attack evaded our endpoint detection, intrusion prevention, and monitoring processes,” It was eventually tracked back to the Feb. 7 date."
In the months before September the HHS Office for Civil Rights had imposed penalties for breaches on three institutions. Already in September there were 8 HIPAA settlements.
Sources: OCR Breach portal, Databreaches.net and TheNonPorfitTimes
According to Databreaches.net the total number of healthcare organizations is not yet clear, but at last count at least 80 healthcare organizations are known to have been affected covering more than 10 million patient records, since the breach was first made public in July.
According to TheNonProfitTimes Blackbaud knew there was a problem by May 14, 2020, when there was a suspicious log-in on an internal server. The company’s cybersecurity team tracked the hackers, and found them to be very skilled as the hackers evaded some of the investigators attempts to block them.
“The attack was sophisticated enough that it initially looked like legitimate customer activity," a company quoted by TheNonProfitTimes. "When it escalated, the attack evaded our endpoint detection, intrusion prevention, and monitoring processes,” It was eventually tracked back to the Feb. 7 date."
In the months before September the HHS Office for Civil Rights had imposed penalties for breaches on three institutions. Already in September there were 8 HIPAA settlements.
Sources: OCR Breach portal, Databreaches.net and TheNonPorfitTimes
No comments:
Post a Comment