"HHS Issues Advisory on Clop Data Breach Threat"

Recently the Department of Health and Human Services (HHS) published an alert that warned that Russia-linked ransomware group Clop took responsibility for attacking more than 130 organizations, including some in the health industry, using secure file transfer software, GoAnywhere MFT.  Tennessee-based Community Health Systems was breached as part of the attacks, leading to the compromised health information on up to 1 million patients.  The HHS stated that 24 hospitals and multi-hospital healthcare systems were attacked by Clop in 2022.  Clop is a ransomware group that has been active since February 2019.  The number of hospitals that were able to be successfully attacked by Clop shows how vulnerable personal health information is to cyberattacks.  More than 289 hospitals may have been impacted by ransomware attacks in 2022.  The HHS stated that customer portals were particularly vulnerable.  To address the threat of cybersecurity attacks, the HHS alert advises organizations to educate and train staff to lower the risk of attacks through email and network access.  It also recommends assessing risks and forming a plan that outlines the necessary budget, staff, and tools to combat cyberattacks.  

Healthcare Dive reports: "HHS Issues Advisory on Clop Data Breach Threat"