BOSTON (Reuters) – The FBI has warned that healthcare industry companies are being targeted by hackers, publicizing the issue following an attack on U.S. hospital group Community Health Systems Inc that resulted in the theft of millions of patient records.
“The FBI has observed malicious actors targeting healthcare related systems, perhaps for the purpose of obtaining Protected Healthcare Information (PHI) and/or Personally Identifiable Information (PII),” the agency said in a “Flash” alert obtained by Reuters on Wednesday.
By Jim Finkle and Supriya Kurane
(Reuters) – Hackers who stole the personal data of about 4.5 million patients of hospital group Community Health Systems Inc broke into the company’s computer system by exploiting the “Heartbleed” internet bug, making it the first known large-scale cyber attack using the flaw, according to a security expert.
The hackers, taking advantage of the pernicious vulnerability that surfaced in April, got into the system by using the Heartbleed bug in equipment made by Juniper Networks Inc, David Kennedy, chief executive of TrustedSec LLC, told Reuters on Wednesday.
BOSTON, Aug 19 (Reuters) – The U.S. Nuclear Regulatory
Commission was “successfully hacked” three times in recent years
in attacks involving tainted emails, according to an internal
investigation on cyber attacks at the agency, Nextgov.com
reported on Tuesday.
At least two of the attacks originated overseas, according
to the report obtained by Nextgov, a rare public report with
details of a cyber attack on the energy sector.
Mandiant says APT-18 behind hospital breach and possibly state backed. Crowdstrike calls same group Dynamite Panda and says tied to govt.
(Reuters) – Community Health Systems Inc (CYH.N: Quote, Profile, Research, Stock Buzz), one of the biggest U.S. hospital groups, said on Monday it was the victim of a cyber attack from China, resulting in the theft of Social Security numbers and other personal data belonging to 4.5 million patients.
That would make the attack the largest of its type involving patient information since a U.S. Department of Health and Human Services website started tracking such breaches in 2009. The previous record, an attack on a Montana Department of Public Health server, was disclosed in June and affected about 1 million people.