>
US Fighter Jet Shot Down Over Red Sea In Disastrous 'Friendly Fire' Incident
7 Electric Aircraft That Will Shape the Future of Flying
Virginia's fusion power plant: A step toward infinite energy
Concerns over the Security of Electronic Personal Health Information Intensifies
"I am Exposing the Whole Damn Thing!" (MIND BLOWING!!!!) | Randall Carlson
Researchers reveal how humans could regenerate lost body parts
Antimatter Propulsion Is Still Far Away, But It Could Change Everything
Meet Rudolph Diesel, inventor of the diesel engine
China Looks To Build The Largest Human-Made Object In Space
Ferries, Planes Line up to Purchase 'Solar Diesel' a Cutting-Edge Low-Carbon Fuel...
"UK scientists have created an everlasting battery in a diamond
First look at jet-powered VTOL X-plane for DARPA program
Billions of People Could Benefit from This Breakthrough in Desalination That Ensures...
Tiny Wankel engine packs a power punch above its weight class
On Friday, an attorney for Ascension Health, a major U.S. hospital operator, wrote to Maine's attorney general to tell him the electronic personal health information (e-PHI) of Ascension patients and employees were compromised during the ransomware attack that occurred in May that affected nearly 5.6 million people.
The attack significantly disrupted Ascension's operations across its extensive network, encompassing 134,000 associates, 35,000 affiliated providers, and 140 hospitals in 19 states and the District of Columbia. Immediate consequences included the diversion of ambulances, closure of pharmacies, and a reversion to manual record-keeping methods as critical IT systems had to be taken offline.
Ascension attorney Sunil Shenoi said in his December 19 letter to the Maine Attorney General's Consumer Protection Division that the company "will begin notifying applicable Maine residents of the security incident" through the U.S. Postal Service.
Despite the growing scale of cyber threats against the healthcare industry, a Congressional Research Service (CRS) report earlier this month emphasized that "there is no comprehensive digital data protection law in the United States." Variable state data privacy and security laws compound this problem. Furthermore, while many data protection guidance documents are available, they are voluntary.
The attack on Ascension is the latest cyber-attack targeting the healthcare sector, which is particularly vulnerable due to the sensitive nature of patient data and the critical importance of uninterrupted medical services. Earlier this year there was a similar ransomware attack on Change Healthcare, a subsidiary of UnitedHealth Group that affected the personal health information of 100 million people, underscoring once again the escalating cybersecurity challenges healthcare providers face.
The February ransomware attack on Change Healthcare – attributed to the BlackCat cybercrime group – disrupted electronic payments and medical claims processing affecting healthcare providers and patients nationwide.
UnitedHealth CEO Andrew Witty told the House Committee on Energy and Commerce's Subcommittee on Oversight and Investigations in May that the cyber "criminals used compromised credentials to remotely access a Change Healthcare Citrix portal, an application used to enable remote access to desktops [which] did not have multi-factor authentication. Once the threat actor gained access, they moved laterally within the systems in more sophisticated ways and exfiltrated data. Ransomware was deployed nine days later."