web analytics

Tennessee Heart Clinic Tells 170,000 of Hacking, Data Breach – Source: www.databreachtoday.com

tennessee-heart-clinic-tells-170,000-of-hacking,-data-breach-–-source:-wwwdatabreachtoday.com
Rate this post

Source: www.databreachtoday.com – Author: 1

Breach Notification
,
Healthcare
,
Industry Specific

Attack Detected in Mid-April But Hackers Accessed, Acquired Patient Files in March

Marianne Kolbasuk McGee (HealthInfoSec) •
August 1, 2023    

Tennessee Heart Clinic Tells 170,000 of Hacking, Data Breach
Image: The Chattanooga Health Institute

A Tennessee-based cardiac care clinic is notifying more than 170,000 patients and others that hackers may have stolen their sensitive personal and medical information in a cyberattack detected in April. The Karakurt cybercrime group claimed credit for the hack a month later.

See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense

In a report filed to Maine’s attorney general on Friday, The Chattanooga Heart Institute said that on April 17 it saw indications of a cyberattack on its IT network. The incident affected a total of 170,450 individuals, including five Maine residents, the clinic said.

The entity, which includes three vascular surgeons and 27 cardiologists at four locations in Tennessee and one in Georgia, said in a breach notice posted on its website that a forensics investigation into the incident had determined that an “unauthorized third party” gained access to its network about a month earlier, between March 8 and March 16.

“Upon discovering the unauthorized third-party access, The Chattanooga Heart Institute took quick action to protect its systems, contain the incident, begin an investigation and maintain continuity of care,” the clinic’s breach notice said.

The Chattanooga Heart Institute also notified federal law enforcement, it said. “Once secured, systems were returned to the network with additional security and monitoring tools.”

On May 31, The Chattanooga Heart Institute learned the hackers had obtained files from its systems containing copies of confidential patient information, the notice said.

While medical information was among the data affected, the incident did not involve data retrieved directly from the clinic’s electronic medical record system, The Chattanooga Heart Institute said in its report.

While the investigation is still ongoing, to date, the information identified as being compromised in the breach belongs to patients or their guarantors, the clinic said. It includes name, mailing address, email address, phone number, birthdate, driver’s license number, Social Security number, account information, health insurance information, diagnosis, medical condition, lab results, medications and other clinical, demographic or financial information, the clinic said.

“Notification letters to individuals whose data may be involved will begin to be sent out by U.S. mail over the coming weeks as the detailed review of each file is completed,” the clinic said. The Chattanooga Heart Institute will offer complimentary identity and credit monitoring services to those affected, it said.

Blog site DataBreaches.net reported that in May, Karakurt threat actors had claimed to have attacked The Chattanooga Heart Institute and to have exfiltrated 158 gigabytes of patient and employee data, but that the cybercrime group did not post proof of its claim on the dark web.

Karakurt was the subject of an alert last August by HHS’ Health Sector Cybersecurity Coordination Center.

At that time, HHS warned that the “relatively new cybercrime group” had carried out attacks globally, including against several U.S.-based healthcare and public health sector entities. Among those attacked were an assisted living facility, a dental firm, a healthcare provider and a hospital, the alert said (see: As Attacks on Healthcare Continue, Feds Warn of New Threats).

The Chattanooga Heart Institute did not immediately respond to Information Security Media Group’s request for additional details about the incident.

Similar Recent Incidents

As of Tuesday, The Chattanooga Heart Institute incident was not yet posted on the Department of Health and Human Services’ Office for Civil Rights’ HIPAA Breach Reporting Tool website listing health data breaches affecting 500 or more individuals.

The institute is among a number of other major incidents in recent months involving the exfiltration of patient data.

Those include Tampa General Hospital, a not-for-profit private hospital that has 1,040 beds and 8,000 employees and serves a dozen counties with a population of more than 4 million people. Last week, the hospital said it had been notifying 1.2 million patients of a thwarted ransomware encryption attack.

That incident, which the hospital said it detected in May, also involved exfiltration of protected health information (see: Florida Hospital Says Data Theft Attack Affects 1.2 Million).

Nine of the 10 largest HIPAA breaches posted so far this year to the HHS OCR’s website were reported as hacking/IT incidents, including several ransomware and exfiltration incidents (see: Mid-Year Health Data Breach Analysis: The Top Culprits).

Original Post url: https://www.databreachtoday.com/tennessee-heart-clinic-tells-170000-hacking-data-breach-a-22712

Category & Tags: –

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Joas Antonio
ChatGPT for Cybersecurity by Joas Antonio dos Santos – malwareanalysis #reverseengineering
ChatGPT for Cybersecurity by Joas...
CISO2CISO Notepad Series
How Can We Structure Cybersecurity Teams To Better Integrate Security In Agile At Scale?
How Can We Structure Cybersecurity...
OCCUPYTHEWEB
Linux Basics for Hackers by Occupytheweb
Linux Basics for Hackers by...
NIST
Digital Forensics and Incident Response (DFIR) Framework for Operational Technology (OT) by NIST – Eran Salfati and Michael Pease
Digital Forensics and Incident Response...
Think Big Blog
Top 10 TED Talks to Learn about Cyber Security
Top 10 TED Talks to...
NCSC
NCSC Cyber Security for Small Business “SMEs” Guide.
NCSC Cyber Security for Small...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...

LASTEST PUBLISHED POSTS

CASOS DE USO APLICABLES EN UN SIEM
CASOS DE USO APLICABLES EN...
IGNITE Technologies
Burp Suite for Pentester
Burp Suite for Pentester
The Institute of Internal auditors
Auditing Risk Culture
Auditing Risk Culture
DevSecOps Guide
ATTACKING PHP APPLICATIONS
ATTACKING PHP APPLICATIONS
DevSecOps Guide
ATTACKING KUBERNETES WITH SECURITY BEST PRACTICE
ATTACKING KUBERNETES WITH SECURITY BEST...
CLTC WHITE PAPER SERIES
Guidance for the Development of AI Risk and Impact Assessments
Guidance for the Development of...
Active Directory
Active Directory IT AuditChecklist
Active Directory IT AuditChecklist
A guide to business continuity planning
A guide to business continuity...
LOG RHYTHM
Using MITRE ATT&CK™ in Threat Huntingand Detection
Using MITRE ATT&CK™ in Threat...
Kaspersky
H2 2023 – A brief overviewof main incidentsin industrial cybersecurity
H2 2023 – A brief...
Andrey Prozorov
24 Great Cybersecurity Frameworks
24 Great Cybersecurity Frameworks
ENISA-EUROPA
SEGURIDAD DE TELECOMUNICACIONES
SEGURIDAD DE TELECOMUNICACIONES

More Latest Published Posts

SF-ISAC
Digital Operational Resilience Act
Digital Operational Resilience Act
SYNGRESS
DIGITAL FORENSICS WITH Open Source TOOLS
DIGITAL FORENSICS WITH Open Source TOOLS
IT REVOLUTION DEVOPS ENTERPRISE FORUM
DevOps Automated Governance Reference Architecture
DevOps Automated Governance Reference Architecture
SANS GIAC CERTIFICATIONS
Detecting Attacks on Web Applications from Log Files
Detecting Attacks on Web Applications from Log Files
EUROPEAN DATA PROTECTION SUPERVISOR
ANNUAL REPORT 2023
ANNUAL REPORT 2023
TechTarget
IT Disaster Recovery Plan Template
IT Disaster Recovery Plan Template
Opstune
IOC Scan Framework v2.0
IOC Scan Framework v2.0
Federal Office for Information Security
Indirect Prompt Injections
Indirect Prompt Injections
the Department of the Environment Climate and Communications
Guidelines on CyberSecurity Specifications
Guidelines on CyberSecurity Specifications
Edelman
INCIDENT RESPONSE REFERENCE GUIDE
INCIDENT RESPONSE REFERENCE GUIDE
Security METRICS
Security Metrics Guide to PCI DSS Compliance
Security Metrics Guide to PCI DSS Compliance
SOC TIPS Cybersecurity
Guia de Resposta a Incidentes de Segurança para LGPD
Guia de Resposta a Incidentes de Segurança para LGPD
CDCP
FIREWALL Audit CHECKLIST
FIREWALL Audit CHECKLIST
GitGuardian
Secrets Management Maturity Model
Secrets Management Maturity Model
MegaCorp One
Sample Penetration Test Report
Sample Penetration Test Report
FORTINET
Routing in FortiGate
Routing in FortiGate
FUTURE OF PRIVACY FORUM
Risk Framework Body Related Data (PD) Immersive Tech
Risk Framework Body Related Data (PD) Immersive Tech
ENISA
Remote ID Proofing Good Practices
Remote ID Proofing Good Practices
Google
Why Red TeamsPlay a Central Rolein Helping OrganizationsSecure AI Systems
Why Red TeamsPlay a Central Rolein Helping OrganizationsSecure AI Systems
Red Canary
Threat Detection Report 2024
Threat Detection Report 2024
HADESS
Pwning the Domain Persistence
Pwning the Domain Persistence
Australian Goverment
PROTECTIVE SECURITYPOLICY FRAMEWORKSecuring government business:Protective security guidance for executive
PROTECTIVE SECURITYPOLICY FRAMEWORKSecuring government business:Protective security guidance for executive
CISC (Comité Internacional Sobre Ciberseguridad)
Política Nacional de Ciberseguridad 2023-2028
Política Nacional de Ciberseguridad 2023-2028
Google
Perspectiveson Securityfor the Board
Perspectiveson Securityfor the Board
HADESS
OSINT Method for Map Investigations
OSINT Method for Map Investigations
CCN-CERT
Observatorio Riesgos Ciberseguridad 2024
Observatorio Riesgos Ciberseguridad 2024
CYBERTHEORY
The ISMG Cybersecurity Pulse Report 2024 is a treasure trove of insights from the RSA Conference, revealing the dynamic landscape of cybersecurity. From AI to Zero Trust: A comprosive guide to the key themes and expert opinions from RSA CONFERENCE 2024 – #RSAC2024
The ISMG Cybersecurity Pulse Report 2024 is a treasure trove of insights from the RSA Conference, revealing the dynamic landscape of cybersecurity. From AI to Zero Trust: A comprosive guide to the key themes and expert opinions from RSA CONFERENCE 2024 – #RSAC2024
FORTINET
Bloking Malware Through Antivirus Security Profile in FortiGate
Bloking Malware Through Antivirus Security Profile in FortiGate