Security Affairs
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hacker accessed medical info at UMass Memorial Health

A cyber attack hit the UMass Memorial Health, threat actors had access to employee email system, potentially exposing patients info. Threat actors hacked into the employee email system of the UMass Memorial Health healthcare system, potentially accessing the personal information of thousands of patients. The security breach took place between June 2020 and January and […]

Signature Healthcare

A cyber attack hit the UMass Memorial Health, threat actors had access to employee email system, potentially exposing patients info.

Threat actors hacked into the employee email system of the UMass Memorial Health healthcare system, potentially accessing the personal information of thousands of patients.

The security breach took place between June 2020 and January and impacted more than 209,048 individuals. Potentially exposed data include social security numbers, insurance information and medical information.

“Thousands of patients at UMass Memorial Health have been notified of a data breach involving the health system’s email system.” reads a post published by The Telegram & Gazette.

“Some of the emails accessed by hackers included patient information, such as Social Security numbers and medical-related data. The breach affected more than 209,048 individuals, according to the U.S. Department of Health and Human Services, which documents such incidents.”

The healthcare system already notified impacted patients.

“Our investigation to determine the nature and scope of the incident determined on January 27, 2021, that a limited number of UMass employees’ email accounts may have been accessed by an unauthorized person,” reads the notice sent to the patients. “On August 25, 2021, we completed the process of identifying individuals with information contained in the accounts. For patients, the information involved included names, dates of birth, medical record numbers, health insurance information, and clinical or treatment information, such as dates of service, provider names, diagnoses, procedure information, and/or prescription information. For health plan participants, the information involved included names, subscriber ID numbers, and benefits election information. For some individuals, a Social Security number and/or driver’s license number was also involved.”

At this time, the healthcare system was not able to determine how much of the personal information may have been infiltrated. The organization will provide free credit monitoring and data protection assistance to the impacted individuals.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, UMass Memorial Health)

[adrotate banner=”5″]

[adrotate banner=”13″]