to hack 7109362 640

Large Uptick In Healthcare Cyberattacks Thanks To MOVEit Vulnerabilities 

11 Aug, 2023 F.J. Thomas

to hack 7109362 640

Sarasota, FL ( – Since the first of the year, there have been 384 data breaches reported, with over 58.9 million patient records impacted. For third quarter, there have 59 reports filed so far, with around 17.3 million patient records compromised. 

Recently, a large number of businesses, government departments, and healthcare systems have been hit by a string of cyberattacks that exploit vulnerabilities of the MOVEit platform. Produced by Ipswitch, Inc, MOVEit is a cloud based file consolidation and transfer software. In June, a CISA cybersecurity advisory was released announcing that the CL0P ransomware group installed a web shell program called LEMURLOOT on the internet facing MOVEit web applications. This allowed data to be stolen from the underlying MOVEit transferring databases. CLOP, a Russian ransomware group, claimed responsibility for the attacks in which over 122 organizations have been breached so far. 

According to a report earlier this month from Becker’s, at least six healthcare organizations have been hit in the MOVEit attacks. In July, CMS Medicare announced that the social security number and date of birth of at least 612,000 current Medicare beneficiaries had been exposed. 

John Hopkins Health Systems in Baltimore, as well as St. Petersburg, Florida have been hit as well, with names, addresses, dates of birth and social security numbers exposed.  Johns Hopkins began sending out notifications on June 14th. On July 7th, a class action lawsuit was filed in Maryland alleging that the organization did not take appropriate steps to secure patient protected data. 

Other health organizations impacted by the MOVEit cyberattacks include Harris Health System and  UT Southwestern Medical Center based in Texas, and UofLHealth located in Louisville, Kentucky. 

Earlier this month, Prospect Medical Holdings, Inc. also announced their medical systems were effected by a data breach. While the investigation is currently in process, there is no indication of whether the attack is related to the MOVEit incidents. The company is based in California, but operates over 165 clinics and 16 hospitals across the state, as well Rhode Island, Pennsylvania, and Connecticut.

According to University of Texas researcher Nan Clement, from 2010 to 2022 hospitals in the process of a merger were twice as likely to experience a data breach attack in the year before and after the closure of the deal. According to her analysis, the probability of a data breach within a two-year window of a merger negotiation is 6 percent, compared to 3 percent for those systems not in negotiation. Clement believes certain times during the process are more vulnerable stating, “The time leading up to and following the merger deal-signing is indeed a riskier period.”

  • arising out of arizona california case management case management focus claims cms compensability compliance courts covid do you know the rule exclusive remedy florida FMLA fraud glossary check health care Healthcare iowa leadership medical medicare minnesota NCCI new jersey new york ohio opioids osha pennsylvania Safety state info texas violence virginia WDYT west virginia what do you think women's history month workers' comp 101 workers' recovery workers' compensation contact information Workplace Safety Workplace Violence

  • Read Also

    About The Author

    • F.J. Thomas

      F.J. Thomas has worked in healthcare business for more than fifteen years in Tennessee. Her experience as a contract appeals analyst has given her an intimate grasp of the inner workings of both the provider and insurance world. Knowing first hand that the industry is constantly changing, she strives to find resources and information you can use.

    Read More

    Request a Demo

    To request a free demo of one of our products, please fill in this form. Our sales team will get back to you shortly.