Medical Web Experts Security Bulletin: April 2021

Pablo Bullian

Pablo Bullian

Posted on April 01, 2021

Welcome back to the Medical Web Experts Security Bulletin. Below are some recent developments that may impact your organization, as well as our recommendations for keeping your systems secure.

Do business in Virginia? They just passed a major data privacy law

The state of Virginia has passed the Consumer Data Protection Act, which is similar to California’s CCPA. This new law defines how controllers (i.e. a person or group that determines how collected data is used) should collect, handle, and share personal information.

If your organization does business in Virginia, you need to be ready for this (and for similar laws that other states could introduce in the future). Medical Web Experts offers a number of compliance audits, including California’s CCPA, Virginia’s CDPA, Europe’s GDPR, ADA, HIPAA, and more. Contact us to learn how to get your website, apps, and portals compliant.

Hacked therapy center Vastaamo is liquidating its assets

The story of Vastaamo is one that shows just how devastating a hack can be for a business. Ever since hackers held private mental health services company Vastaamo’s patient data ransom for nearly half a million euros, the company has been in both PR and financial trouble. Vastaamo lost much of their clientele after the scandal, and the business can no longer support itself.

This story serves as an example of just how important it is to keep PHI or PII secure, and to have strong risk assessment and security policies in place.

Microsoft Defender Antivirus now detects hacked exchange servers

Microsoft has created an automatic mitigation tool to contain security incidents caused by the bugs that have affected millions of exchange servers in the past few weeks. We recommend turning on all automatic updates for these security tools on your servers and workstations. Even though Microsoft had already released patches to address these bugs, thousands of servers are still at risk and are being exploited because they don’t have the latest patches.

Australian health center cancels surgeries after being hacked

No details have emerged, but an Australian health center had to disconnect large parts of its IT networks and devices after a security incident. This incident had a direct impact on scheduled surgeries and procedures.

Again, this news shows just how problematic a hack can be in sensitive industries like healthcare. Having a strong security plan and policies in place, and segmenting these critical or delicate systems (as well as their data), would help prevent major disruptions.


Pablo Bullian

Pablo Bullian

Pablo, our Chief Information Security Officer, architected and manages Medical Web Expert’s HIPAA-compliant hosting infrastructure. He is a Certified Information Systems Security Professional (CISSP), Amazon Web Services (AWS) Certified Solutions Architect, and Cisco Certified Network Associate (CCNA). Pablo has an M.S. in Cybersecurity from the University of Buenos Aires and he’s passionate about all things related to cybersecurity and cloud hosting.

Related Posts

Graphic of a large laptop with a shield and padlock in front of it. Smaller images of people on the left and right side of the labtop interact with various mobile devices.

Posted on February 16, 2022 by Pablo Bullian

Welcome back to the Medical Web Experts Security Bulletin. Below are some recent developments that may impact your organization, as well as our recommendations for keeping your systems secure. Mitigating…Read more


Illustration of a boy sittin on top of a computer with security shields floating.

Posted on January 07, 2022 by Pablo Bullian

A Look at 2021’s Most Dangerous Vulnerabilities Found in Windows Patching is a complex task that most companies struggle with or overlook, but keeping systems, and therefore patches, updated is…Read more