Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Richmond University Medical Center data breach impacted 674,033 individuals

Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals. Richmond University Medical Center (RUMC) is a healthcare institution based in Staten Island, New York. It provides a wide range of medical services, including […]

Xsolis

Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals.

New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals.

Richmond University Medical Center (RUMC) is a healthcare institution based in Staten Island, New York. It provides a wide range of medical services, including inpatient and outpatient care, emergency services, and specialty care in areas such as cardiology, oncology, pediatrics, and behavioral health.

In May 2023, RUMC suffered a ransomware attack that caused a multi-week disruption. The attack forced manual data entry and individual patient monitoring.

RUMC hasn’t disclosed details about the attack, such as the ransomware group that breached its systems. At the time of this writing, no ransomware group claimed responsibility for the attack.

Despite the challenges, the hospital maintained full patient services, limiting disruptions to overnight trauma and stroke care. A recovery team, with help from a cybersecurity firm, worked to restore systems and assess the attack’s scope, including its potential impact on patient data. Emergency care and patient admissions remained unaffected during the incident.

RUMC disclosed a data breach that potentially involved sensitive files containing personal and health information, including names, Social Security numbers, dates of birth, driver’s license numbers or state identification numbers, other government identification numbers, financial account information, credit or debit card information, biometric information, user credentials, medical treatment/diagnosis information, and/or health insurance policy information.

“We discovered unauthorized access to our network that resulted in the unauthorized access to, or acquisition of, certain files by an unauthorized actor. Upon learning of this issue, we immediately contained and secured the threat and commenced a prompt and thorough investigation.” reads the incident notice published by the RUMC. “Our investigation was done in consultation with outside cybersecurity professionals who regularly investigate and analyze these types of situations to help determine whether any sensitive data had been compromised because of the incident. Although the initial forensic investigation determined our electronic health records system was not affected by the incident, the investigation subsequently determined that certain other files may have been accessed or removed from our network on or around May 6, 2023.”

The company notified impacted individuals and advised them on protective measures.

RUMC offered 12 months of free credit monitoring to those individuals with compromised Social Security numbers.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)