On June 29, hospital executives at Massachusetts General Hospital confirmed that they had been breached, personal information of about 4,300 dental patients had been affected. A third-party vendor is being pointed at being the culpable party for the unauthorized access to the network of Patterson Dental Supply, which services Massachusetts General Hospital with the software used in managing dental practice information. Stolen patient information includes name, date of birth and Social Security number. Plus, some records could have also included date and type of dental appointment.
References: Massachusetts General Hospital data breach affects 4.3K patients | 4,300 records breached at Massachusetts General Hospital in Boston | Data breach at Mass. General involves 4,300 dental patients
Attackers are taking old malware and repackaging it with the latest and most sophisticated attack tools to target medical devices running on legacy operating systems, leaving them susceptible to old, and often overlooked, malware. MEDJACK.2 is able to launch these attacks without detection, and establish backdoors within hospitals and medical devices.
Medical devices vulnerable to MEDJACK.2 include diagnostic equipment (PET scanners, CU scanners, MRI machines, etc.), therapeutic equipment (infusion pumps, medical lasers, surgical machines), life support equipment (heart/lung machines, medical ventilators, dialysis machines) and more.
References: Old malware used in new medical device hijacking attacks to breach hospitals | X-ray and MRI machines among devices used as springboards for data breach attacks | New exploits target hospital devices, places patients at risk
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.