The scam begins when someone calls the given number to seemingly avoid being charged for something they don't want. In rare instances, they may further inform their targets that the subscription has already been renewed, and that their account has been debited.

After making victims panic, scammers instruct them to contact their billing department by calling the number provided to cancel the subscription or get a refund for the amount deducted (which hadn't actually been charged anyway). Using an official logo and professional-looking design, cybercriminals make the email appear authentic.

Besides that, scammers also include a fake invoice and mention a NortonLifeLock subscription that will be renewed within 24 hours. The scammers add a fake custom ID, invoice number, and renewal date to make the email appear genuine. They present the email as an official notification from NortonLifeLock, a real cybersecurity software company.

In March, the telehealth company Cerebral reported a data breach related to pixel trackers and said it disclosed the data of more than 3.1 million patients from October 2019 to January 2023 without obtaining HIPAA consent.

Andrea Fox is senior editor of Healthcare IT News.

Healthcare IT News is a HIMSS Media publication.

The NortonLifeLock subscription renewal scam is an email scam in which cybercriminals send a fake notification email to recipients about the renewal of an antivirus system.

In February, Regal Medical Group in California reported a large data breach related to a ransomware incident in December that the provider said affected more than 3.3 million patients, according to the U.S. Department of Health and Human Services Office for Civil Rights breach portal. The PharMerica data breach may be the largest reported this year thus far and may affect the largest number of individuals – and their descendants.

"Imagine if a ransomware attack halted a manufactured COVID-19 vaccine hostage or stopped the production of vital chemotherapy drugs," said Bob Maley, Black Kite’s chief security officer, in the report announcement. A cyberattack on a pharmaceutical company could mean life or death for consumers," the researchers noted. "An interruption in manufacturing lifesaving drugs or therapies would be catastrophic for many. The frequency of cyber-attacks increases every year, but COVID-19 set off its own panic in the pharmaceutical industry.

A pandemic-era report by Black Kite said drug companies are at high risk for extortion attacks because of the severity a shutdown of operations would exact on the public. The group claims to have nearly shut down PharMerica's operations, but the company does not say its operations have been disrupted in its sample letter filed with Maine or on its website, as of today. The group also reportedly said it would "publish this information in geometrical progression every 48 hours," which said it had. Money Message claimed to have 2 million PharMerica and BrightSpring Health records including Social Security numbers from 400 databases, according to a story update.

Was it ransomware?

has been following the breach since early April, claiming the publication had communicated with a newer "Money Message" ransomware group, which offered proof it had extorted data with screencaps. In its May 12 letter to affected patients and executors of deceased patients' estates, included with its data breach notification filed with the state of Maine, the Louisville, Kentucky-based company recommends that the executors of deceased patients request a copy of a deceased individual’s credit report and notate "Deceased – Do not issue credit" or request to be notified if an application is made for credit.
PharMerica posted a statement to its website that said an investigation into a breach of its network "identified a data population whose personal information and limited medical information – names, dates of birth, Social Security numbers, medication lists and health insurance information – were disclosed." PharMerica and its parent company, BrightSpring Health Services, Inc., disclosed that it learned of suspicious activity on its computer network on March 14, and an internal investigation determined that the unknown third party accessed computer systems from March 12-13 and may have obtained personal information.