Medical Web Experts Security Bulletin: November 2021

Pablo Bullian

Pablo Bullian

Posted on November 09, 2021

PHI Leaked Due to Fresno’s Health Network Hack

A group of health clinics in the Fresno area that belongs to United Health Centers were hit by a ransomware attack. Not only did the attack render data unavailable, but some documents were also leaked online, exposing PHI and PII of patients and personnel. Under HIPAA and state laws, healthcare data breaches have to be reported, which was not the immediate case of this attack. In response, the State Attorney General sent a notice to industry organizations reminding them of the disclosure regulations. Not only should healthcare providers have a strong security defensive posture, but they should also make sure that they comply with federal and state regulations, especially in cases of data exposure.

CISA, FBI, and NSA Joint Advisory on BlackMatter Ransomware

BlackMatter is a ransomware-as-a-service (Raas) tool that allows cybercriminals to deploy this ransomware suite in exchange for a piece of the ransom, which then goes back to the original developers. It’s important to note the actions recommended to protect against ransomware attacks in general: having a thorough backup policy, implementing transversal monitoring, using MFA (multi-factor authentication), and training personnel to be aware of phishing attacks and the importance of having unique and strong passwords for each account.

One-Time Passwords Phishing Campaign Hits Hundreds of Users

OTPs (One-Time Passwords) can be seen as a good solution to mitigate password spraying attacks in the case of users reusing passwords. But in this case, a group of Italian users of the famous cryptocurrency site, Coinbase, were lured into giving their temporary passwords to the attackers, which allowed them to access the victims’ accounts. Organizations should invest in training their personnel to be alert and know how to detect phishing attacks. More advanced, personalized, and creative techniques to lure users are seen every day, so companies should continually remind employees about the dangers of it.

Payment Processing Terminals May Be Tied to Hacks

PAX, a company that manufactures point-of-sale terminals, is being investigated over security concerns with their devices. A client of those terminals detected that the terminals were connecting to unspecified internet websites, which the company didn’t clarify. The FBI joined the investigation in PAX offices in the United States to try to identify the source of these connections. An important part of the internal security policy process is vetting your company’s providers in terms of cybersecurity since, nowadays, supply chain attacks are on the rise.


Pablo Bullian

Pablo Bullian

Pablo, our Chief Information Security Officer, architected and manages Medical Web Expert’s HIPAA-compliant hosting infrastructure. He is a Certified Information Systems Security Professional (CISSP), Amazon Web Services (AWS) Certified Solutions Architect, and Cisco Certified Network Associate (CCNA). Pablo has an M.S. in Cybersecurity from the University of Buenos Aires and he’s passionate about all things related to cybersecurity and cloud hosting.

Related Posts

Graphic of a large laptop with a shield and padlock in front of it. Smaller images of people on the left and right side of the labtop interact with various mobile devices.

Posted on February 16, 2022 by Pablo Bullian

Welcome back to the Medical Web Experts Security Bulletin. Below are some recent developments that may impact your organization, as well as our recommendations for keeping your systems secure. Mitigating…Read more


Illustration of a boy sittin on top of a computer with security shields floating.

Posted on January 07, 2022 by Pablo Bullian

A Look at 2021’s Most Dangerous Vulnerabilities Found in Windows Patching is a complex task that most companies struggle with or overlook, but keeping systems, and therefore patches, updated is…Read more