Department of Human Services issues cybersecurity threat

 

To: Healthcare Providers From: Greg Schlosser, Branch Chief, Health Care Education and Quality, HFEMSD The Department of Health and Human Services’ (HHS) Health Sector Cybersecurity Coordination Center (HC3) is urging healthcare agencies and other critical infrastructure to take immediate action to patch and harden network systems against the ransomware threat “Citrix Bleed.” The vulnerability allows cyberthreat actors to bypass password requirements and multifactor authentication measures, to access private healthcare information. Read more. HC3 released a Sector Alert on November 30, 2023, which outlines patches, mitigations, and workarounds. Please review and share within your organization, as appropriate. We will forward any additional information we receive. For more information, contact Melanie.Roth-Lawson@state.co.us.