Four years after its public disclosure, the Misfortune Cookie vulnerability continues to be a threat. The critical vulnerability was reported initially in 2014 by Check Point researchers, who found it lodged in some versions of the RomPager embedded web server, used for hosting the web-based administration panel by about 200 router models from different makers.
It turns out that the same versions of RomPager affected by the Misfortune Cookie run on different variants of the Capsule Datacaptor Terminal Server (DTS), which is part of a medical device information system. The device is used in hospitals to connect bedside equipment (anesthesia and infusion pumps, respirators and IoT products) to the network.
Read more about the new threat posed by the 4-year-old Misfortune Cookie vulnerability on BleepingComputer.
Augusta University Health said it was hit with a data breach that exposed the personal information of some 417,000 patients, faculty, and students at the Georgia institution.
Names, addresses, dates of birth, lab test results, diagnoses, medications, surgeries, and health insurance information were among the data exposed, as well as a “small percentage” of driver’s license and Social Security numbers, according to the hospital system, the HIPAA Journal reported.
Read more about the data breach, which was the result of a successful phishing attack that occurred in September 2017, on DarkReading.
A decade has passed since we learned about pacemaker hacks, but implantable medical devices that can save patients’ lives can still be hacked to potentially kill them. Even now, as was highlighted at Black Hat USA, attackers can cause pacemakers to deliver a deadly shock to the heart or deny a life-saving shock, as well as prevent insulin pumps from delivering insulin.
At the recent Black Hat and Def Con security conferences in Las Vegas, one set of researchers showed off hacks to pacemakers and insulin pumps that could potentially prove lethal, while another researcher explained how hospital patients’ vital signs could be falsified in real time.
Read more about the disturbing discoveries relating to medical device insecurity on CSO.
OpenEMR is a popular, open-source software solution for the management of millions of electronic patient records worldwide. However, the software, until recently, also contained over 20 severe security issues.
Discovered by Project Insecurity and disclosed in a security advisory (.PDF), the team said the bugs included multiple instances of SQL injection flaws, multiple security problems which could lead to remote code execution, and vulnerabilities leading to unauthenticated information disclosure.
Read more about the 20 severe bugs that were found in OpenEMR by a single cybersecurity group, on ZDNet.
A MongoDB database was exposed online that contained health care information for 2 million patients in Mexico. This data included information such as the person’s full name, gender, date of birth, insurance information, disability status, and home address.
The database was discovered by security researcher Bob Diachenko via Shodan, which is a search engine for all Internet-connected devices and not just web servers. When discovered, this database was fully exposed to the Internet and could be accessed and edited by anyone without a password.
Read more about the massive health care data breach affecting 2 million patients in Mexico on BleepingComputer.
Thus far in 2018, organizations and individuals worldwide have experienced a large number of high-profile cyber attacks, with criminals stealing billions of dollars as well as personal information from hundreds of millions of people.
Black Hat USA, an annual cybersecurity conference taking place in August, is a great opportunity for practitioners to get a glimpse into both emerging attack vectors and the latest technologies designed to protect against these attacks.
Read why Idan Ninyo, CTO at YL Ventures, believes that cybersecurity trends related to cryptocurrencies, medical devices and machine learning warrant a closer investigation at this year’s conference, on Help Net Security.
UnityPoint Health, a multi-hospital group serving parts of Iowa, Illinois, and Wisconsin, is alerting 1.4 million patients to the second data breach the company has suffered this year. And it’s not just the second breach; it’s the second breach initiated through a phishing attack.
The most recent breach targeted employee email accounts, which could lead to the compromise of sensitive data. It is possible payment card information was obtained by the attacker(s) as well.
Read more about the UnityPoint Health second breach this year, which is far larger than the first, on DarkReading.
Sensitive and personal data of hundreds of thousands of people at Boys Town National Research Hospital have been exposed in what appears to be the largest ever reported breach by a pediatric care provider or children’s hospital.
According to the U.S. Department of Health and Human Services Office for Civil Rights, the breach incident affected 105,309 individuals, including patients and employees, at the Omaha-based medical organization.
Read more about the Boys Town data breach, which was discovered by the organization on May 23, 2018, on The Hacker News.
Singapore has suffered its “most serious” data breach, compromising personal data of 1.5 million healthcare patients including that of its Prime Minister Lee Hsien Loong. The affected users are patients of SingHealth, which is the country’s largest group of healthcare institutions.
Non-medical personal details of 1.5 million patients who visited SingHealth’s specialist outpatient clinics and polyclinics between May 1, 2015, and July 4, 2018, had been accessed and copied. The stolen data included patients’ names, national identification numbers, addresses, gender, race, and dates of birth.
Read more about the cyber attack on SingHealth, which the Singaporean government has described as “deliberate, targeted, well-planned”, on ZDNet.
LabCorp, the US’ biggest blood testing laboratories network, has announced that hackers breached its IT network over the weekend. “At this time, there is no evidence of unauthorized transfer or misuse of data,” the company said. “LabCorp has notified the relevant authorities of the suspicious activity and will cooperate in any investigation.”
LabCorp did not provide any details about the incident but said it shut down various portions of its systems to contain the intrusion. The hack could be dangerous, because although the company is trying to play down the incident, even the smallest hack affecting this organization has serious repercussions for millions of Americans.