At a glance.
- Healthcare firm breach may have exposed patient data.
- Report: spyware in the Caribbean?
- Trends in ransomware.
Breach at Illinois healthcare firm potentially compromises personal information.
Christie Clinic, a large healthcare provider in the US state of Illinois, disclosed that in January it had discerned signs of unauthorized access to an email account between July and August of last year. "The investigation indicated that the purpose of the unauthorized access was to intercept a business transaction between Christie Clinic and a third party vendor," the firm wrote. "This investigation was unable to determine to what extent email messages in the account were actually viewed or accessed by an unauthorized actor. As a result, Christie Clinic undertook a review to identify the full scope of information that could have been contained in the affected email account to determine whether protected information was potentially impacted. On March 10, 2022, Christie Clinic’s review determined that the impacted account MAY have contained certain information related to certain individuals. On March 25, 2022, Christie Clinic provided written notice to all affected individuals whose information was identified in its review."
The clinic says it's seen no signs that the exposed data were abused, but that compromised data may (and they emphasize "may") have included names, addresses, Social Security numbers, some medical information, and health insurance information. The intruders did not gain access to electronic medical records or the clinic's patient portal. The goal of the intrusion appears to have been the compromise of financial transactions.
Spyware in the Caribbean.
Local reports say that police in Trinidad and Tobago may have deployed intercept tools against a range of targets, and that the tool may have been purchased from Israel's NSO Group. But a report in Haaretz suggests that in this case, at least, it probably wasn't NSO Group's controversial Pegasus intercept software, but rather tools purchased from another company. NSO Group is far from the only lawful intercept vendor in the field.
Trends in ransomware.
A white paper by Cybereason tracks recent developments in ransomware. This field of criminal activity represents a particular threat to privacy, threatening as it now routinely does, valuable and often personal information held by its targets. Cybereason sees "a maturation of ransomware operations," as a well-developed criminal-to-criminal market facilitates trade in illicit tools, and as ransomware gangs increasingly target organization that both hold sensitive data and have pockets deep enough to offer the prospect of a decent payout to the extortionists.