CyberSecurityBoard
Sponsor Register Login

Healthcare Cyber Attacks - 276 Million Patient Records were Compromised In 2024

As cyber criminals refine their tactics, healthcare organizations must prioritize patch management, employee training, and multi-layered threat prevention to safeguard sensitive patient data. In 2024, the healthcare sector faced an unprecedented wave of cyber attacks, with 276 million patient records exposed globally. Check Point’s Harmony Email & Collaboration suite blocked over 7,000 MedStealer-linked phishing attempts in 2024, highlighting the critical role of adaptive email security. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The fallout was catastrophic: stolen data fueled insurance fraud, illicit prescription drug sales, and even life-threatening medical errors when EHRs were altered. Check Point analysts noted that MedStealer’s authors used DNS tunneling to exfiltrate data, disguising stolen records as benign HTTPS traffic. A typical attack began with a phishing email titled “Your Appointment is Ready!”, which included a fake medical ID and urgency to act. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Among the most insidious threats was MedStealer, a malware strain that targeted electronic health records (EHRs), insurance databases, and patient portals. The malware’s primary objective was to exfiltrate personally identifiable information (PII), insurance details, and medical histories, which were later sold on dark web markets for premiums exceeding $1,000 per record. First observed in early 2024, MedStealer exploited vulnerabilities in legacy healthcare IT systems and third-party vendor networks. Check Point researchers identified MedStealer’s distribution network, which relied heavily on spear-phishing emails disguised as appointment confirmations or prescription notifications. The campaign’s success stemmed from its use of geofencing-targeting users based in the U.S.-and leveraging compromised healthcare employee credentials to bypass email filters. Attack vectors ranged from phishing campaigns impersonating medical platforms like Zocdoc to SQL injection attacks on unpatched servers. Notably, MedStealer exploited vulnerabilities in DICOM protocols (used for medical imaging), allowing lateral movement within hospital networks. Tushar is a Cyber security content editor with a passion for creating captivating and informative content.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 15 May 2025 07:30:21 +0000


Cyber News related to Healthcare Cyber Attacks - 276 Million Patient Records were Compromised In 2024

CVE-2023-52975 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
Cybersecurity in the Healthcare Industry: Protecting Patient Data - In the rapidly advancing era of technology, the healthcare industry faces a critical challenge: protecting patient data from cyber threats. This article will emphasize the significance of cybersecurity in the healthcare industry and explore the ...
1 year ago Securityzap.com
Why healthcare data is often the target of ransomware attacks - Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom. Cybercriminals are increasingly focusing on ...
1 year ago Techtarget.com
Best Cloud Security Providers for Healthcare Services - Cloud Security Providers for Healthcare offer specialized services to protect data and applications hosted in cloud environments. When picking a cloud security providers for healthcare, it's important to think about things like how well they follow ...
1 year ago Cybersecuritynews.com
The Imperative for Robust Security Design in the Health Industry - COMMENTARY. In an era dominated by digital innovation and technological advancements, healthcare companies find themselves at the intersection of immense opportunity and equally unprecedented risk. The digitalization of patient records, electronic ...
1 year ago Darkreading.com
Healthcare Cyber Attacks - 276 Million Patient Records were Compromised In 2024 - As cyber criminals refine their tactics, healthcare organizations must prioritize patch management, employee training, and multi-layered threat prevention to safeguard sensitive patient data. In 2024, the healthcare sector faced an unprecedented wave ...
1 month ago Cybersecuritynews.com
Unveiling the true cost of healthcare cybersecurity incidents - As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors seeking to exploit vulnerabilities. The consequences of a cybersecurity ...
1 year ago Helpnetsecurity.com
Changing How Healthcare Works: Big News in Communication - In a pivotal transformation within the healthcare industry, a prominent shift is currently unfolding. Direct Secure Messaging has emerged as a game-changer, modernising the way vital information is shared among healthcare providers, pharmacies, and ...
1 year ago Cysecurity.news
Future Health: AI's Impact on Personalised Care in 2024 - As we dive into the era of incorporating Artificial Intelligence into healthcare, the medical sector is poised for a profound transformation. AI holds immense potential in healthcare, offering groundbreaking advancements in diagnostics, personalised ...
1 year ago Cysecurity.news
Electronic Frontier Foundation - We're not just talking about the ballot box, but the everyday power we all have to demand government agencies make their records and data available to public scrutiny. At every level of government in the United States, there are laws that empower the ...
1 year ago Eff.org
Transforming in the Age of Healthcare Digitalization - Healthcare and technology increasingly intersect in today's world, and cybersecurity has become a primary concern for many companies. The recent attack on Change Healthcare serves as a harsh reminder of the vulnerabilities facing the healthcare ...
11 months ago Cyberdefensemagazine.com
Ascension Cyber Attack Heightens Focus on Healthcare Cybersecurity Measures - The healthcare sector is increasingly targeted by cybercriminals, as evidenced by recent high-profile attacks that disrupt services and highlight vulnerabilities in this critical industry. The recent cyber attack on Ascension, in particular, has ...
1 year ago Cysecurity.news
US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
1 year ago Bleepingcomputer.com
Cyber Guardians: INE Security Champions Cybersecurity Training During National Physicians Week 2025 - INE Security, a global leader in cybersecurity training, certifications, and certification preparation, is at the forefront of helping healthcare organizations fortify their cyber defenses through education. INE Security’s comprehensive ...
2 months ago Cybersecuritynews.com
Health Care Network in Crisis: Cyberattack Shuts Down Operations Across US - In a statement released Thursday evening by Ascension Hospital, a nonprofit network based in St. Louis with 140 hospitals across 19 states, it was also reported that electronic health records, some phone systems, as well as several systems used to ...
1 year ago Cysecurity.news Black Basta
What we learned over coffee at the year's biggest healthcare event - Healthcare organizations are dedicated to providing exceptional care, prioritizing the patient's satisfaction and experience through a patient-centered approach. This approach ensures patients are firmly at the center of their care and engaged in ...
1 year ago Feedpress.me
Ransomware's appetite for US healthcare sees known attacks double in a year - Following the February 21 attack on Change Healthcare, scores of people in the US have been living with the brutal, real-world effects of ransomware. It has also created skyrocketing pharmacy bills, pushed some healthcare providers to the edge of ...
1 year ago Malwarebytes.com Rocke LockBit
Data Breaches in US Schools Exposed 37.6M Records - Since 2005, educational institutions in the United States have experienced 3713 data breaches, impacting over 37.6m records. According to new data by Comparitech, 2023 marked a record year, with 954 breaches recorded - a dramatic rise from 139 in ...
1 year ago Infosecurity-magazine.com
Cybersecurity Management Lessons from Healthcare Security Breaches - 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. Unusual activity detected on May 8, 2024, caused Ascension ...
1 year ago Esecurityplanet.com Black Basta
Best Network Security Providers for Healthcare - The exponential growth of Electronic Health records, telemedicine, and interconnected medical devices creates a complex healthcare ecosystem demanding robust network security. Network security providers specializing in healthcare offer a ...
1 year ago Cybersecuritynews.com
IoT Adoption in Healthcare: Security Opportunities and Benefits - The Internet of Things (IoT) is the technology that has increasingly become popular in various industries and has been gaining traction in the healthcare sector. With the rise of healthtech, the proliferation of connected medical devices, and the ...
2 years ago Csoonline.com
Change Healthcare's New Ransomware Nightmare Goes From Bad to Worse - Change Healthcare is facing a new cybersecurity nightmare after a ransomware group began selling what it claims is Americans' sensitive medical and financial records stolen from the health care giant. RansomHub claimed it had health care data on ...
1 year ago Wired.com Ransomhub
HHS to investigate UnitedHealth and ransomware attack on Change Healthcare - The U.S. Department of Health and Human Services is launching an investigation into the ransomware attack on Change Healthcare following weeks of disruption to healthcare and billing operations at hospitals, clinics and pharmacies across the country. ...
1 year ago Therecord.media LockBit
Ransomware gang starts leaking alleged stolen Change Healthcare data - The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company. In February, Change ...
1 year ago Bleepingcomputer.com Ransomhub
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
1 year ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)