FBI warns healthcare companies about hacker threat

Laura Pedulli | | Health Exec | Cybersecurity

The FBI has issued a warning that hackers are actively targeting the healthcare industry, reports Reuters.

The announcement follows the recent attack on hospital group Community Health Systems, which put the personal information of about 4.5 million patients at risk.

"The FBI has observed malicious actors targeting healthcare related systems, perhaps for the purpose of obtaining protected healthcare information and/or personally identifiable information," the FBI said in a "flash" alert directed to healthcare companies, according to Reuters.

"These actors have also been seen targeting multiple companies in the healthcare and medical device industry typically targeting valuable intellectual property, such as medical device and equipment development data,” the agency said in the notice.

Representatives from the FBI, Dept. of Homeland Security, HITRUST and other organizations addressed the CHS breach during its Aug. 21 monthly cyberthreat briefing.

The FBI's alert is not directly linked to the CHS breach but there are similarities in targets, methods and stolen and sought data, said Michael Rosanova, FBI supervisory special agent. Information security consulting firm TrustedSec said the CHS attackers exploited CVE-2014-0160, also known as the "heartbleed" vulnerability.

During the briefing, HITRUST CEO Daniel Nutkis said his organization has fielded numerous queries regarding the CHS breach such as the implications to their organizations, other potential risks and steps to be taken to mitigate risk. The breach led to a lot of speculative coverage but he acknowledged a lack of empirical information.

Laura Pedulli

Related Content

FBI seeking extradition of Israeli prisoner accused of $500M in ransomware attacks
Data breach at chain of clinics impacts 450K patients
Nebraska becomes first state to sue Change Healthcare over data breach
Christmas ransomware exposed over 300K patient records to dark web
Cryo-frozen tissue manufacturer suffers cyberattack
First surgical device of its kind granted key FDA exemption

Around the web

Cardiovascular Business
FDA says years-long tirzepatide shortage is resolved, will give limited leeway to compounders

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

AI in Healthcare
From Capitol Hill to a hospital near you? 5 federal recommendations for healthcare AI policy

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Cardiovascular Business
Merck spends up to $2B to license new weight loss drug with potential heart benefits

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.