With the start of the new month and tax season now over, cybercriminals are beginning to shift their focus to new trends, this time targeting tech and healthcare giants for sensitive patient information, with records exposed by the millions.
I’m sure you have all heard it before: “I’m just one person and keep my circle small. I’m not going to fall victim to a cybercrime. I’m so careful.” Or even: “I just use the necessities and take what I believe are the cautionary steps.” Until you’re not. Just this morning, a colleague received a phishing text claiming the sender had seen their “resume” and had a job opening, with no further context. They pointed out the message’s red flags: a high amount of compensation for said job, no description of the position or company name, and contact information that did not match. As annoying as it is to receive these types of unwanted messages, the attempt likely stemmed from the individual providing their email to receive newsletters and updates on a product or service of their choosing, not expecting their email or any other information to be used in phishing attempts.
Bad cyber actors can target you by weaponizing your interests and analyzing your behaviors to curate messages that are intentionally set to cause an emotional reaction.
Thankfully, dear reader, you have found our tech tips from your local small business IT Cybersecurity firm at Ekaru. One of our strongest values is providing our clients and anyone willing to listen with the ever-evolving tools you and your team need to be aware of common and sophisticated cyber threats.
Trend for Cybercrime April 2025
Tax season has passed, and many become less vigilant regarding their business activity across multiple accounts. Unfortunately, an exposure may not stem from anything you did at all. Sometimes it is your healthcare provider that experienced a cybersecurity incident, and you may be among the millions whose information has been exposed online.
April 2025 witnessed a troubling uptick in healthcare data incidents, underscoring the urgent need for robust cybersecurity measures across the sector. From ransomware attacks to inadvertent data sharing, these incidents have compromised millions of patient records. Below, we name a few incidents from April, all within a three-week period that month.
Ascension: Third-Party Vendor Cybersecurity Incident Affects Patient Data
The first incident we are going to go over is Ascension, one of the largest private healthcare systems in the U.S. Ascension disclosed a data breach resulting from a third-party vendor's security vulnerability.
The breach, identified in December 2024 and confirmed in January 2025, exposed sensitive patient information, including Social Security numbers, names, addresses, phone numbers, dates of birth, race, and gender. In fact, the attackers were also able to gain access to additional medical records such as previous doctor visits, physician names, admission and charge dates, diagnoses, billing numbers, and more.
Despite the scope of the exposed information, the notification did not state the total number of patients whose data was exposed. What was reported, however, was that about 114,692 residents of Texas and 96 residents of Massachusetts were affected. Ascension is notifying affected individuals and reviewing its third-party risk management protocols.
This is not the first time Ascension has experienced a cybersecurity incident. According to a Bleeping Computer article posted December 20, 2024, Ascension had notified 5.6 million patients and employees that their protected health information (PHI) was stolen in May 2024. The company revealed that the incident was caused by an employee who downloaded a malicious file onto a company device. The employee claims this was a mistake.
As a result, Ascension is offering those affected by the cybersecurity incident(s) two years of free identity monitoring services consisting of credit monitoring, fraud consultation, and identity theft restoration. These incidents are a harsh reminder that your business and its team must proceed with caution when downloading files, and must build awareness across the business and its supply chain to stay safe from cyber threats.
Source: https://www.bleepingcomputer.com/news/security/ascension-discloses-new-data-breach-after-third-party-hacking-incident/
Source: https://www.bleepingcomputer.com/news/security/ascension-health-data-of-56-million-stolen-in-ransomware-attack/
Frederick Health: Ransomware Attack Impacts Nearly 1 million Patients
A ransomware attack on Frederick Health Medical Group in January 2025 compromised the data of approximately 934,000 patients. At first, Frederick did not reveal the full number of people affected; it first reported the incident to the U.S. Department of Health and Human Services. The stolen information includes names, addresses, dates of birth, health insurance information, driver’s license numbers, Social Security numbers, and medical records.
No group has claimed responsibility, and the absence of a claim suggests that Frederick likely paid the ransom the cybercriminals demanded. Frederick Health consists of over 4,000 employees in 25 locations, making it one of Frederick County’s largest employers.
The breach highlights the growing vulnerability of healthcare providers to ransomware attacks.
Blue Shield of California: Data Misconfiguration Exposes 4.7 Million Members
Blue Shield of California, a nonprofit health plan serving 6 million members, mistakenly shared sensitive health data of 6 million members, a figure since corrected to 4.7 million members after investigation. The incident was caused by a misconfiguration in Google Analytics that allowed individuals’ confidential health information to be shared with Google Ads.
The exposed information included insurance plan name, group number, place of residency, gender, family size, medical claim service provider names, patient financial responsibility, and “Find a Doctor” search history.
What's important to note is that individuals’ personal information such as driver’s license numbers, banking and credit card information, and Social Security numbers was not exposed in the incident (a plus in its own way).
It is not clear if the company has offered any additional services to help those affected by the incident, and we strongly urge users to maintain proactive monitoring of their accounts and report any suspicious activity. Incidents like these are a clear reminder that maintaining good cyber hygiene is important not just for your business and its clients, but also for maintaining a stable reputation.
Source: https://www.foxnews.com/tech/blue-shield-exposed-4-7m-patients-health-data-google-2
Yale New Haven Health: Data Breach Affects 5.5 Million Patients
Yale New Haven Health, a nonprofit healthcare network, has reported a data breach affecting 5.5 million patients. YNHH is located in Connecticut and is one of the largest healthcare networks in the state, employing 30,000 health professionals.
The breach involved unauthorized access to patient records, including personal and health information such as full name, date of birth, address, email, phone number, race, gender, Social Security number, and medical record numbers, but not including financial information or treatment details. The organization is investigating the incident and has notified affected individuals, providing them with protection services for credit and identity monitoring. Currently, the attackers remain unknown. What is known is that, as a result of this cybersecurity incident, YNHH is facing lawsuits and a crumbling reputation for keeping its patients’ information confidential.
DaVita: Ransomware Attack Disrupts Kidney Dialysis Services
DaVita, a major kidney dialysis provider within the U.S. operating 2,600 treatment centers, experienced a ransomware attack that encrypted parts of its computer network, disrupting operations across its clinics.
Despite the cyberattack, patient treatments continued, and the company is working with cybersecurity experts and law enforcement to resolve the issue. So far, nobody has come forward to claim responsibility. This story is still developing, with further details to be released.
Strengthening Cybersecurity in Healthcare
These incidents underscore the critical need for healthcare organizations to tighten their cybersecurity defenses. Implementing robust security protocols, conducting regular risk assessments, and educating staff on cybersecurity best practices are essential steps in safeguarding patient data. As cyber threats continue to evolve, proactive measures are crucial to protect sensitive health information.
Our team at Ekaru plays a valuable role in helping small businesses such as yours maintain a secure IT infrastructure: ensuring systems are up to date, monitoring for irregular activity, and supporting compliance with industry regulations. While we do not directly handle cybersecurity incidents, we work closely with specialized cybersecurity firms during such events to ensure a coordinated and effective response.
Our focus remains on keeping your systems operational and secure, while collaborating with experts to address any active threats.
Want to work with us? Our specialists guide you through each phase of improving your security practices, from assessment to implementation. Contact us today to schedule a security review and see how we can help protect your organization's future.
If we're a fit for each other, we'd love to work with you, but there's absolutely no obligation. We love talking about technology and cybersecurity!